Filtered by vendor Sandhillsdev Subscriptions
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-9508 2 Easydigitaldownloads, Sandhillsdev 2 Commissions, Easy Digital Downloads 2024-11-21 6.1 Medium
The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVE-2015-9507 2 Easydigitaldownloads, Sandhillsdev 2 Attach Accounts To Orders, Easy Digital Downloads 2024-11-21 6.1 Medium
The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVE-2015-9506 2 Easydigitaldownloads, Sandhillsdev 2 Amazon S3, Easy Digital Downloads 2024-11-21 6.1 Medium
The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVE-2015-9505 1 Sandhillsdev 1 Easy Digital Downloads 2024-11-21 6.1 Medium
The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.
CVE-2015-9324 1 Sandhillsdev 1 Easy Digital Downloads 2024-11-21 9.8 Critical
The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.
CVE-2024-5057 2 Easydigitaldownloads, Sandhillsdev 2 Easy Digital Downloads, Easy Digital Downloads 2024-09-20 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12.