NotCVE - vendor:"Easydigitaldownloads"

Page 4 of 31 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2015-9530 – Easy Digital Downloads – Upload File <= 1.0.4 - Arbitrary File Upload/Deletion

https://notcve.org/view.php?id=CVE-2015-9530

09 Apr 2015 — The Easy Digital Downloads (EDD) Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. La extensión Upload File de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x ... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-434: Unrestricted Upload of File with Dangerous Type •

1 2 3 4