Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) 3.2.5

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 27, 2023

The Easy Digital Downloads plugin for WordPress is not secure in versions 3.2.5 and earlier. An attacker who has a contributor-level account or a higher level of access can add malicious code to the website, which will run when someone visits the affected page. This code could do things like steal information from the person visiting the page or take control of their computer. It is important to update to a secure version of Easy Digital Downloads to keep your website safe.

Detected in:

Easy Digital Downloads – eCommerce Payments and Subscriptions made easy fixed vulnerable versions:
Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) fixed vulnerable versions:
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.