CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-9536 – Easy Digital Downloads (EDD) Twenty-Twelve < 1.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9536
20 Apr 2015 — The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. El tema Twenty-Twelve de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x anter... • https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •