Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Easy Digital Downloads — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting Easy Digital Downloads. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Easy Digital Downloads is a WordPress plugin for selling digital products, with 9 CVEs recorded. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation. Notable security characteristics include its popularity among digital merchants, making it a frequent target. While no major public incidents have been widely documented, the consistent discovery of vulnerabilities underscores the importance of regular updates and proper input validation. The plugin's core functionality involves payment processing and file delivery, which, if compromised, could lead to unauthorized access or data breaches.

Top products by Easy Digital Downloads: Easy Digital Downloads Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy)
CVE IDTitleCVSSSeverityPublished
CVE-2024-43162 WordPress Easy Digital Downloads plugin <= 3.2.12 - Broken Access Control vulnerability — Easy Digital DownloadsCWE-862 4.3 Medium2024-11-01
CVE-2024-5057 WordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerability — Easy Digital DownloadsCWE-89 9.3 Critical2024-08-29
CVE-2024-32100 WordPress Easy Digital Downloads plugin <= 3.2.11 - Sensitive Data Exposure vulnerability — Easy Digital DownloadsCWE-200 5.3 Medium2024-05-13
CVE-2024-31113 WordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerability — Easy Digital DownloadsCWE-352 4.3 Medium2024-05-10
CVE-2024-31293 WordPress Easy Digital Downloads plugin <= 3.2.6 - Cross Site Request Forgery (CSRF) vulnerability — Easy Digital DownloadsCWE-352 4.3 Medium2024-04-12
CVE-2023-51684 WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS) — Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy)CWE-79 6.5 Medium2024-02-01
CVE-2023-30869 WordPress Easy Digital Downloads Plugin 3.1-3.1.1.4.1 is vulnerable to Privilege Escalation — Easy Digital DownloadsCWE-287 9.8 Critical2023-05-02
CVE-2022-33900 WordPress Easy Digital Downloads plugin <= 3.0.1 - PHP Object Injection vulnerability — Easy Digital Downloads 4.1 Medium2022-08-22
CVE-2021-39354 Easy Digital Downloads <= 2.11.2 Authenticated Reflected Cross-Site Scripting — Easy Digital DownloadsCWE-79 4.8 Medium2021-10-21

This page lists every published CVE security advisory associated with Easy Digital Downloads. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.