Sandhillsdev Easy Digital Downloads — known CVE vulnerabilities
Every CVE whose affected-product data names Sandhillsdev Easy Digital Downloads, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-23489 — CVSS 9.8 (critical): The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in…
CVE-2023-0380 — CVSS 5.4 (medium): The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them…
CVE-2024-32100 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital…
CVE-2024-31113 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through…
CVE-2024-31293 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.