Spider-themes Eazydocs — known CVE vulnerabilities
Every CVE whose affected-product data names Spider-themes Eazydocs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-6035 — CVSS 8.8 (high): The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize and escape "data" parameter before using it in an SQL statement via…
CVE-2023-6029 — CVSS 7.5 (high): The EazyDocs WordPress plugin before 2.3.6 does not have authorization and CSRF checks when handling documents and does not ensure that…
CVE-2024-3999 — CVSS 4.8 (medium): The EazyDocs WordPress plugin before 2.5.0 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2024-0248 — CVSS 4.3 (medium): The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 (https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597…