Vulnerabilities > Sandhillsdev > Easy Digital Downloads > 1.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-16 | CVE-2019-15116 | Cross-site Scripting vulnerability in Sandhillsdev Easy Digital Downloads The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging. | 4.3 |
| 2019-08-16 | CVE-2015-9324 | SQL Injection vulnerability in Sandhillsdev Easy Digital Downloads The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. | 7.5 |