The Easy Digital Downloads (EDD) Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
Metrics
Affected Vendors & Products
References
History
Fri, 07 Feb 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Awesomemotive
Awesomemotive easy Digital Downloads |
|
CPEs | cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Sandhillsdev
Sandhillsdev easy Digital Downloads |
Awesomemotive
Awesomemotive easy Digital Downloads |

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T08:51:05.290Z
Reserved: 2019-10-14T00:00:00
Link: CVE-2015-9530

No data.

Status : Modified
Published: 2019-10-23T16:15:10.903
Modified: 2025-02-07T19:44:53.660
Link: CVE-2015-9530

No data.