Awesomemotive Easy Digital Downloads — known CVE vulnerabilities
Every CVE whose affected-product data names Awesomemotive Easy Digital Downloads, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (55)
CVE-2022-3600 — CVSS 9.8 (critical): The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV…
CVE-2023-30869 — CVSS 9.8 (critical): Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital…
CVE-2024-5057 — CVSS 9.3 (critical): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL…
CVE-2022-2439 — CVSS 7.2 (high): The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of…
CVE-2023-51684 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Digital Downloads Easy Digital…
CVE-2025-4670 — CVSS 6.4 (medium): The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2015-9511 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Conditional Success Redirects extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before…
CVE-2015-9512 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9513 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9514 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9515 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9517 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9518 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9519 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9520 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9521 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9522 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9523 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9524 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9525 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9526 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Reviews extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9527 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Simple Shipping extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9528 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Software Licensing extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9529 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9530 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9531 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Wish Lists extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9532 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9533 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Lattice theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5…
CVE-2015-9534 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5…
CVE-2015-9535 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9536 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2019-15116 — CVSS 6.1 (medium): The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging.
CVE-2015-9516 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9505 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x…
CVE-2015-9506 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before…
CVE-2015-9507 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before…
CVE-2015-9508 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2015-9509 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10…
CVE-2015-9510 — CVSS 6.1 (medium): The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x…
CVE-2024-0659 — CVSS 5.5 (medium): The Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for WordPress is vulnerable to Stored…
CVE-2025-2252 — CVSS 5.3 (medium): The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information…
CVE-2023-40005 — CVSS 5.3 (medium): Missing Authorization vulnerability in Syed Balkhi Easy Digital Downloads easy-digital-downloads allows Exploiting Incorrectly Configured…
CVE-2024-2302 — CVSS 5.3 (medium): The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable…
CVE-2024-12875 — CVSS 4.9 (medium): The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in…
CVE-2021-39354 — CVSS 4.8 (medium): The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters…
CVE-2022-0706 — CVSS 4.8 (medium): The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could…
CVE-2024-13517 — CVSS 4.4 (medium): The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-6691 — CVSS 4.4 (medium): The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable…
CVE-2022-0707 — CVSS 4.3 (medium): The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow…
CVE-2024-43162 — CVSS 4.3 (medium): Missing Authorization vulnerability in Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2022-2387 — CVSS 4.3 (medium): The Easy Digital Downloads WordPress plugin before 3.0 does not have CSRF check in place when deleting payment history, and does not ensure…
CVE-2024-9654 — CVSS 3.7 (low): The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a…
CVE-2024-6692 — CVSS 3.3 (low): The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable…