CVE-2023-51684

Name of the Vulnerable Software and Affected Versions Easy Digital Downloads versions through 3.2.5

Description The issue affects Easy Digital Downloads, allowing Stored XSS due to improper neutralization of input during web page generation. This can lead to cross-site scripting attacks.

Recommendations For versions through 3.2.5, update to a version later than 3.2.5 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using potentially vulnerable functions or parameters in the affected plugin until the issue is resolved. At the moment, there is no information about additional mitigation measures.