Vulnerabilities > Sandhillsdev

DATE CVE VULNERABILITY TITLE RISK
2019-10-23 CVE-2015-9516 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9515 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9514 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9513 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9512 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9511 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Conditional Success Redirects extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9510 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9509 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9508 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1
2019-10-23 CVE-2015-9507 Cross-site Scripting vulnerability in multiple products
The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
network
low complexity
sandhillsdev easydigitaldownloads CWE-79
6.1
6.1