Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-13	CVE-2023-40005	Missing Authorization vulnerability in Awesomemotive Easy Digital Downloads Missing Authorization vulnerability in Easy Digital Downloads Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.1.5. network low complexity awesomemotive CWE-862 critical	9.8
2024-08-29	CVE-2024-5057	SQL Injection vulnerability in Awesomemotive Easy Digital Downloads Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. network low complexity awesomemotive CWE-89 critical	9.8
2023-05-02	CVE-2023-30869	Improper Authentication vulnerability in Awesomemotive Easy Digital Downloads Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. network low complexity awesomemotive CWE-287 critical	9.8
2022-11-21	CVE-2022-3600	Unspecified vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV injection. network low complexity awesomemotive critical	9.8
2019-08-16	CVE-2015-9324	SQL Injection vulnerability in Awesomemotive Easy Digital Downloads The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. network low complexity awesomemotive CWE-89 critical	9.8