| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14783 | Easy Digital Downloads <= 3.6.2 - Unvalidated Redirect in Password Reset Flow via edd_redirect | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.3 | 2025-12-31 06:24:43 | Deep Dive |
| CVE-2025-11271 | Easy Digital Download <= 3.5.2 - Insufficient Verification to Order Manipulation | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2025-11-06 04:36:22 | Deep Dive |
| CVE-2025-8102 | Easy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.4 | 2025-08-20 11:26:10 | Deep Dive |
| CVE-2025-4670 | Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 6.4 | 2025-05-29 08:22:03 | Deep Dive |
| CVE-2023-2334 | Easy Digital Downloads Google Sheet Connector < 1.6.6 - Access Code Update via CSRF | Unknown | edd-google-sheet-connector-pro | - | - | 2025-05-15 20:08:57 | Deep Dive |
| CVE-2025-2252 | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2025-03-25 07:04:55 | Deep Dive |
| CVE-2024-13517 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Title | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2025-01-18 07:05:09 | Deep Dive |
| CVE-2024-12875 | Easy Digital Downloads <= 3.3.2 - Authenticated (Admin+) Arbitrary File Download | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.9 | 2024-12-21 11:22:45 | Deep Dive |
| CVE-2024-9654 | Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.7 | 2024-12-17 11:10:19 | Deep Dive |
| CVE-2023-40005 | WordPress Easy Digital Downloads plugin <= 3.1.5 - Broken Access Control | Syed Balkhi | Easy Digital Downloads | 中危 | - | 2024-12-13 14:24:04 | Deep Dive |
| CVE-2024-43162 | WordPress Easy Digital Downloads plugin <= 3.2.12 - Broken Access Control vulnerability | Easy Digital Downloads | Easy Digital Downloads | Medium | 4.3 | 2024-11-01 14:17:42 | Deep Dive |
| CVE-2022-2439 | Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | High | 7.2 | 2024-09-24 03:06:39 | Deep Dive |
| CVE-2024-5057 | WordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerability | Easy Digital Downloads | Easy Digital Downloads | Critical | 9.3 | 2024-08-29 14:04:35 | Deep Dive |
| CVE-2024-6692 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Agreement Text | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.3 | 2024-08-10 02:01:23 | Deep Dive |
| CVE-2024-6691 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2024-08-10 02:01:20 | Deep Dive |
| CVE-2024-35629 | WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability | Wow-Company | Easy Digital Downloads – Recent Purchases | Critical | 9.6 | 2024-06-04 13:34:27 | Deep Dive |
| CVE-2024-32100 | WordPress Easy Digital Downloads plugin <= 3.2.11 - Sensitive Data Exposure vulnerability | Easy Digital Downloads | Easy Digital Downloads | Medium | 5.3 | 2024-05-13 09:22:40 | Deep Dive |
| CVE-2024-31113 | WordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerability | Easy Digital Downloads | Easy Digital Downloads | Medium | 4.3 | 2024-05-10 08:34:09 | Deep Dive |
| CVE-2024-31293 | WordPress Easy Digital Downloads plugin <= 3.2.6 - Cross Site Request Forgery (CSRF) vulnerability | Easy Digital Downloads | Easy Digital Downloads | Medium | 4.3 | 2024-04-12 12:34:09 | Deep Dive |
| CVE-2024-2302 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.2.9 - Sensitive Information Exposure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2024-04-09 18:58:30 | Deep Dive |