|Number of vulnerabilities||1|
Easy Digital Downloads
Web applications / Modules and components for CMS
|Vendor||Easy Digital Downloads|
This security bulletin contains one low risk vulnerability.
CWE-840 - Business Logic Errors (3.0)
Exploit availability: NoDescription
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to unspecified error related to nonce logic when disconnecting from Stripe Connect. A remote attacker can bypass implemented security restrictions.
Install updates from vendor's website.Vulnerable software versions
Easy Digital Downloads: 2.10.2 - 2.10.2CPE2.3
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?