Awesomemotive

awesomemotive

64 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Easy Digital Downloads

easy_digital_downloads

CVEs (64)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2387 1Awesomemotive 1Easy Digital Downloads May 5, 2025 Nov 7, 2022 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Easy Digital Downloads WordPress plugin before 3.0 does not have CSRF check in place when deleting payment history, and does not ensure that the post to be deleted is actually a payment history. As a result, attacker...Show more The Easy Digital Downloads WordPress plugin before 3.0 does not have CSRF check in place when deleting payment history, and does not ensure that the post to be deleted is actually a payment history. As a result, attackers could make a logged in admin delete arbitrary post via a CSRF attackShow less
CVE-2022-33900 1Awesomemotive 1Easy Digital Downloads Feb 20, 2025 Aug 22, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
CVE-2022-2552 1Awesomemotive 1Duplicator Feb 2, 2026 Aug 22, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site.
CVE-2022-2551 1Awesomemotive 1Duplicator Feb 2, 2026 Aug 22, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrato...Show more The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating.Show less
CVE-2022-0707 1Awesomemotive 1Easy Digital Downloads Feb 7, 2025 Apr 18, 2022 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow attackers to make a logged admin insert arbitrary notes via a CSRF attack
CVE-2022-0706 1Awesomemotive 1Easy Digital Downloads Feb 7, 2025 Apr 18, 2022 N/A· v4 4.8 MEDIUM· v3 2.1 LOW· v2 The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfil...Show more The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowedShow less
CVE-2021-39354 1Awesomemotive 1Easy Digital Downloads Feb 7, 2025 Oct 21, 2021 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows a...Show more The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2.Show less
CVE-2020-11738 1Awesomemotive 1Duplicator Feb 2, 2026 Apr 13, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
CVE-2015-9524 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Recount Earnings Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, ha...Show more The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9523 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Recommended Products Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7...Show more The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9522 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Qr Code Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS bec...Show more The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9521 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Pushover Notifications Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3...Show more The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9520 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Per Product Emails Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7,...Show more The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9519 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Pdf Stamper Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS...Show more The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9518 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Pdf Invoices Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XS...Show more The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9517 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Manual Purchases Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, ha...Show more The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9516 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Invoices Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS be...Show more The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9515 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Htaccess Editor Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has...Show more The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9514 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Free Downloads Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has...Show more The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less
CVE-2015-9513 2Awesomemotive Easydigitaldownloads 2Easy Digital Downloads Favorites Feb 7, 2025 Oct 23, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS b...Show more The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.Show less

Previous 123 4 Next