Headline
CVE-2019-15116: Easy Digital Downloads – Simple eCommerce for Selling Digital Files
The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging.
Related news
CVE-2015-9324: Easy Digital Downloads – Simple eCommerce for Selling Digital Files
The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.