ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Easy Digital Downloads Plugin <= 2.5.7 - PHP Object Injection

Product
Easy Digital Downloads
Description
Because of this vulnerability, attackers can execute arbitrary PHP code.
Solution
Upgrade the plugin.
Classification
Type Arbitrary Code Execution
OWASP Top 10 A1: Injection
References
Github
CVE
Name CVE-N/A
Versions
Affected In <= 2.5.7
Fixed In 2.5.8
Disclosure date
2016-03-02
Credits
Danny van Kooten