Sandhillsdev Easy_digital_downloads
5 CVEs affecting Sandhillsdev Easy_digital_downloads. Latest disclosed: 2024-05-14. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-23489 | Critical | 9.8 | 2023-01-20 | The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of… |
CVE-2023-0380 | Medium | 5.4 | 2023-02-21 | The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them back in a page/post wh… |
CVE-2024-32100 | Medium | 5.3 | 2024-05-14 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through… |
CVE-2024-31113 | Medium | 4.3 | 2024-05-14 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11. |
CVE-2024-31293 | Medium | 4.3 | 2024-04-12 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6. |