📦 Easy Digital Downloads

This SQL injection vulnerability in the Easy Digital Downloads WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It affects all WordPress sites running Easy Digital ...

This vulnerability allows unauthenticated attackers to gain administrative privileges on WordPress sites running the Easy Digital Downloads plugin. Attackers can exploit improper authentication to esc...

The Easy Digital Downloads WordPress plugin exposes private download post titles to unauthenticated users via an AJAX function. This affects all WordPress sites using the plugin up to version 3.3.6.1,...

This stored XSS vulnerability in the Easy Digital Downloads WordPress plugin allows authenticated administrators to inject malicious scripts into page titles. The scripts execute when users view affec...

This vulnerability allows authenticated WordPress administrators to perform directory traversal attacks through the file download functionality, enabling them to read arbitrary files on the server. Th...

This CVE describes a Missing Authorization vulnerability in the Easy Digital Downloads WordPress plugin that allows attackers to exploit incorrectly configured access control security levels. It affec...

This CVE describes a missing authorization vulnerability in the Easy Digital Downloads WordPress plugin that allows attackers to bypass access controls. It affects all versions up to 3.2.12, potential...

This stored XSS vulnerability in the Easy Digital Downloads WordPress plugin allows authenticated administrators to inject malicious scripts that execute when users view affected pages. Only WordPress...