The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
References
Link | Resource |
---|---|
https://web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2019-10-23 16:15
Updated : 2024-02-28 17:28
NVD link : CVE-2015-9534
Mitre link : CVE-2015-9534
CVE.ORG link : CVE-2015-9534
JSON object : View
Products Affected
sandhillsdev
- easy_digital_downloads
easydigitaldownloads
- quota
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')