The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sandhillsdev easy digital downloads |
||
easydigitaldownloads stripe - |