CVE-2024-35629

Name of the Vulnerable Software and Affected Versions Easy Digital Downloads – Recent Purchases versions 1.0.2 and earlier

Description The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion'. This allows PHP Remote File Inclusion in Wow-Company Easy Digital Downloads – Recent Purchases.

Recommendations For versions 1.0.2 and earlier, update to a version later than 1.0.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.