CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9525 – Easy Digital Downloads – Recurring Payments <= 2.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9525
20 Apr 2015 — The Easy Digital Downloads (EDD) Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Recurring Payments de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, ve... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9513 – Easy Digital Downloads – Favorites <= 1.0.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9513
20 Apr 2015 — The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Favorites de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x ante... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2015-9505 – Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.3.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9505
20 Apr 2015 — The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused. El componente principal de Easy Digital Downloads (EDD) versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x anteriores a 2.2.9, y versiones 2.3.x anteriores a 2.3.7 para Wor... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9506 – Easy Digital Downloads – Amazon S3 <= 2.1.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9506
20 Apr 2015 — The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión de Amazon S3 de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x a... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9521 – Easy Digital Downloads – Pushover notifications <= 1.2.8 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9521
20 Apr 2015 — The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Pushover Notifications de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9528 – Easy Digital Downloads – Software Licensing < 3.2.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9528
20 Apr 2015 — The Easy Digital Downloads (EDD) Software Licensing extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Software Licensing de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, ve... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9529 – Easy Digital Downloads Stripe Extension <= 2.1.2 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9529
20 Apr 2015 — The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Stripe de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x anteriores... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9512 – Easy Digital Downloads (Various Versions) - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9512
20 Apr 2015 — The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión CSV Manager de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x ... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9520 – Easy Digital Downloads – Per Product Emails < 1.0.9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9520
20 Apr 2015 — The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Per Product Emails de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, ve... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9536 – Easy Digital Downloads (EDD) Twenty-Twelve < 1.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9536
20 Apr 2015 — The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. El tema Twenty-Twelve de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x anter... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •