Easy digital downloads
This hub aggregates every CVE we track for Easy digital downloads, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
42
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM39CRITICAL2HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
1
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Easy digital downloads.
- CVE-2026-39503WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability7.5
- CVE-2025-4670Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode6.4
- CVE-2024-35629WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability9.6
- CVE-2023-51684WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)6.5
- CVE-2023-0380Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS5.4
- CVE-2022-0707Easy Digital Downloads < 2.11.6 - Arbitrary Payment Note Insertion via CSRF4.3
- CVE-2022-0706Easy Digital Downloads < 2.11.6 - Admin+ Stored Cross-Site Scripting4.8
- CVE-2021-39354Easy Digital Downloads <= 2.11.2 Authenticated Reflected Cross-Site Scripting4.8
- CVE-2015-9505The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS be...6.1
- CVE-2015-9506The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x ...6.1
- CVE-2015-9507The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2...6.1
- CVE-2015-9508The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3....6.1
- CVE-2015-9509The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, ...6.1
- CVE-2015-9510The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, an...6.1
- CVE-2015-9511The Easy Digital Downloads (EDD) Conditional Success Redirects extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x befo...6.1
Product normalization is registry-driven with AI assist and human review. How it works