WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-51684
5.4MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 1 February 2024
What is CVE-2023-51684?
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Digital Downloads Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) allows Stored XSS.This issue affects Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy): from n/a through 3.2.5.
Affected Version(s)
Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) <= 3.2.5