CVE-2015-9512
Easy Digital Downloads (Various Versions) - Cross-Site Scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
La extensión CSV Manager de Easy Digital Downloads (EDD) para WordPress, como es usada con EDD versiones 1.8.x anteriores a 1.8.7, versiones 1.9.x anteriores a 1.9.10, versiones 2.0.x anteriores a 2.0.5, versiones 2.1.x anteriores a 2.1.11, versiones 2.2.x anteriores a 2.2.9, y versiones 2.3.x anteriores a 2.3.7, presenta una vulnerabilidad de tipo XSS porque el parámetro add_query_arg es usado inapropiadamente.
The Easy Digital Downloads Plugin for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-04-20 CVE Published
- 2019-10-14 CVE Reserved
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 1.8 < 1.8.7 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 1.8 < 1.8.7" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 1.9 < 1.9.10 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 1.9 < 1.9.10" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 2.0 < 2.0.5 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 2.0 < 2.0.5" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 2.1 < 2.1.11 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 2.1 < 2.1.11" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 2.2 < 2.2.9 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 2.2 < 2.2.9" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|
Sandhillsdev Search vendor "Sandhillsdev" | Easy Digital Downloads Search vendor "Sandhillsdev" for product "Easy Digital Downloads" | >= 2.3 < 2.3.7 Search vendor "Sandhillsdev" for product "Easy Digital Downloads" and version " >= 2.3 < 2.3.7" | wordpress |
Affected
| in | Easydigitaldownloads Search vendor "Easydigitaldownloads" | Csv Manager Search vendor "Easydigitaldownloads" for product "Csv Manager" | - | easy_digital_downloads |
Affected
|