CVE-2025-4670 | Easy Digital Downloads Plugin up to 3.3.8.1 on WordPress Shortcode edd_receipt cross site scripting

Inserito da Angelo Barbosa | Mag 29, 2025 | CVE

A vulnerability was found in Easy Digital Downloads Plugin up to 3.3.8.1 on WordPress. It has been classified as problematic. Affected is the function edd_receipt of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-4670. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4670 | Easy Digital Downloads Plugin up to 3.3.8.1 on WordPress Shortcode edd_receipt cross site scripting

Post correlati

CVE-2024-11932 | Rockwell Automation DataMosaix Private Cloud 7.09 path traversal (icsa-25-028-05)

CVE-2024-27098 | GLPI up to 10.0.12 server-side request forgery

CVE-2024-7499 | itsourcecode Airline Reservation System 1.0 flights.php departure_airport_id sql injection

CVE-2024-31031 | libcoap 4.3.4 coap_pdu.c integer overflow