Vulnerabilities > CVE-2023-30869 - Unspecified vulnerability in Sandhillsdev Easy Digital Downloads

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sandhillsdev

critical

NVD

Published: 2023-05-02

Updated: 2024-11-21

Summary

Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1.

Vulnerable Configurations

Part	Description	Count
Application	Sandhillsdev Sandhillsdev Easy Digital Downloads 3.1 Sandhillsdev Easy Digital Downloads 3.1.0.1 Sandhillsdev Easy Digital Downloads 3.1.0.1.1 Sandhillsdev Easy Digital Downloads 3.1.0.2 Sandhillsdev Easy Digital Downloads 3.1.0.3 Sandhillsdev Easy Digital Downloads 3.1.1.4.1	6

References

https://patchstack.com/articles/critical-easy-digital-downloads-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-1-1-4-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve
https://patchstack.com/articles/critical-easy-digital-downloads-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-1-1-4-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve