Vulnerabilities > Awesomemotive > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-43162 | Missing Authorization vulnerability in Awesomemotive Easy Digital Downloads Missing Authorization vulnerability in Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.2.12. | 8.8 |
| 2024-09-24 | CVE-2022-2439 | Deserialization of Untrusted Data vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including 3.3.3. | 7.2 |
| 2023-12-26 | CVE-2023-6114 | Files or Directories Accessible to External Parties vulnerability in Awesomemotive Duplicator The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. | 7.5 |
| 2022-08-22 | CVE-2022-33900 | Deserialization of Untrusted Data vulnerability in Awesomemotive Easy Digital Downloads PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress. | 7.2 |