CVE-2023-30869
WordPress Easy Digital Downloads Plugin 3.1-3.1.1.4.1 is vulnerable to Privilege EscalationImproper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1.
We have discovered 289 live websites that are affected by CVE-2023-30869.
Affected Software
| Product | |
| Category | Ecommerce |
| Vulnerable Domains | 289 live websites (2.08% of Easy Digital Downloads install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 12 versions ( 8.11% of all versions) |
Common Weakness Enumeration
CWE-287 Improper AuthenticationDetails
- Published - May 2, 2023
- Updated - Jan 8, 2025
Credits
- Tien Nguyen Anh (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2023-30869 United States | 110 websites |
 Iran | 29 websites |
 Germany | 24 websites |
 Italy | 20 websites |
 GB | 16 websites |
 France | 8 websites |
 Cyprus | 8 websites |
 Netherlands | 7 websites |
 Denmark | 7 websites |
Website Distribution by TLD
Number of websites using CVE-2023-30869| .com | 156 websites |
| .org | 20 websites |
| .it | 14 websites |
| .de | 8 websites |
| .net | 7 websites |
| .co.uk | 7 websites |
| .fr | 4 websites |
| .eu | 4 websites |
| .dk | 3 websites |
| .ch | 2 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-30869
Top websites that are affected by CVE-2023-30869. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *************.com | United States | *,*** | |
| ************.com |  India | **,*** | |
| **********.com | United States | ***,*** | |
| *****.*********.com | United States | ***,*** | |
| **************.com | United States | ***,*** | |
| **********************.com | United States | ***,*** | |
| *****.tv | Netherlands | ***,*** | |
| **********.com | United States | ***,*** | |
| ***********.com | United States | ***,*** | |
| **************.com | United States | ***,*** |
FAQ
CVE-2023-30869 is Improper Authentication in Easy Digital Downloads
A total of 289 websites have been identified as vulnerable to CVE-2023-30869, based on global website indexing conducted by WebTechSurvey.
The Easy Digital Downloads is affected by the CVE-2023-30869 vulnerability.
Easy Digital Downloads versions up to and including 3.1.1.4.1 are vulnerable to CVE-2023-30869.