Smub Easy Digital Downloads – Ecommerce Payments And Subscriptions Made Easy
14 CVEs affecting Smub Easy Digital Downloads – Ecommerce Payments And Subscriptions Made Easy. Latest disclosed: 2026-05-28. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2439 | High | 7.2 | 2024-09-24 | The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'uploa… |
CVE-2025-4670 | Medium | 6.4 | 2025-05-29 | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's… |
CVE-2024-0659 | Medium | 5.5 | 2024-02-05 | The Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th… |
CVE-2025-8102 | Medium | 5.4 | 2025-08-20 | The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.5.0. This is due to missing… |
CVE-2025-11271 | Medium | 5.3 | 2025-11-06 | The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all versions up to, and including, 3.5.2 due to an order verification by… |
CVE-2025-2252 | Medium | 5.3 | 2025-03-25 | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all version… |
CVE-2024-2302 | Medium | 5.3 | 2024-04-09 | The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Sensitive Informat… |
CVE-2024-12875 | Medium | 4.9 | 2024-12-21 | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in all versions up to, an… |
CVE-2024-13517 | Medium | 4.4 | 2025-01-18 | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title val… |
CVE-2024-6691 | Medium | 4.4 | 2024-08-10 | The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site… |
CVE-2026-7533 | Medium | 4.3 | 2026-05-28 | The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.7. This is due to missing… |
CVE-2025-14783 | Medium | 4.3 | 2025-12-31 | The Easy Digital Downloads plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.6.2. This is due to insufficient… |
CVE-2024-9654 | Low | 3.7 | 2024-12-17 | The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient vali… |
CVE-2024-6692 | Low | 3.3 | 2024-08-10 | The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site… |