The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
Metrics
Affected Vendors & Products
References
History
Fri, 07 Feb 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Awesomemotive
Awesomemotive easy Digital Downloads |
|
CPEs | cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Sandhillsdev
Sandhillsdev easy Digital Downloads |
Awesomemotive
Awesomemotive easy Digital Downloads |

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T08:51:05.283Z
Reserved: 2019-10-14T00:00:00
Link: CVE-2015-9529

No data.

Status : Modified
Published: 2019-10-23T16:15:10.807
Modified: 2025-02-07T19:44:53.660
Link: CVE-2015-9529

No data.