cleantalk
Vulnerabilities and Security Researches

Easy Digital Downloads – Courses, 7e57cd4f4859826de00a8e2b09ee24fb7f2d824b

CVE, Research URL

7e57cd4f4859826de00a8e2b09ee24fb7f2d824b

Home page URL

Security reports for Easy Digital Downloads – Courses

Application

Easy Digital Downloads – Courses

Published on
Feb 25, 2019
Research Description
Easy Digital Downloads &#8211; Courses [edd-courses] < 0.1.1 (closed) Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update The Freemius SDK for WordPress is vulnerable to authorization bypass due to a missing capability check on the _get_db_option and _set_db_option functions in versions up to, and including, 2.2.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change site settings and potentially take over the site.
Affected versions
max 0.1.1.
Status
vulnerable
Previous vulnerability researches
Appy Pie Connect for WooCommerce (CVE-2025-9286) , Oct 11, 2025
Appy Pie Connect for WooCommerce (CVE-2023-53611) , Jun 16, 2026
New vulnerability
Easy PayPal Shopping Cart (d9c154a32db8150cd5b35b089c8962452eb8b232) , Jun 16, 2026
WooCommerce Bulk Edit Products &#8211; WP Sheet Editor (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
WooCommerce Bulk Edit Products &#8211; WP Sheet Editor (c96d4505ae821ee74cb84c52314168c7def288e3) , Jun 16, 2026
One Click SSL (a0512afcd41bd78674dd83f56b59967b6302c782) , Jun 16, 2026
Guest posting / Frontend Posting wordpress plugin &#8211; WP Front User Submit / Front Editor (66bf9d8ddfa7afe2990fc5ef3c7e2c971384f52a) , Jun 16, 2026