Filtered by vendor Sandhillsdev
Subscriptions
Filtered by product Easy Digital Downloads
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-9508 | 2 Easydigitaldownloads, Sandhillsdev | 2 Commissions, Easy Digital Downloads | 2024-11-21 | 6.1 Medium |
The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. | ||||
CVE-2015-9507 | 2 Easydigitaldownloads, Sandhillsdev | 2 Attach Accounts To Orders, Easy Digital Downloads | 2024-11-21 | 6.1 Medium |
The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. | ||||
CVE-2015-9506 | 2 Easydigitaldownloads, Sandhillsdev | 2 Amazon S3, Easy Digital Downloads | 2024-11-21 | 6.1 Medium |
The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. | ||||
CVE-2015-9505 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2024-11-21 | 6.1 Medium |
The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused. | ||||
CVE-2015-9324 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2024-11-21 | 9.8 Critical |
The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. | ||||
CVE-2024-5057 | 2 Easydigitaldownloads, Sandhillsdev | 2 Easy Digital Downloads, Easy Digital Downloads | 2024-09-20 | 9.3 Critical |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. |