Easy Digital Downloads 3.1 – 3.3.4 – Improper Authorization to Paywall Bypass | CVE 2024-9654 | Plugin Vulnerabilities

Description

The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verify_guest_email' function to ensure the requesting user is the intended recipient of the purchase receipt. This makes it possible for unauthenticated attackers to bypass intended security restrictions and view the receipts of other users, which contains a link to download paid content. Successful exploitation requires knowledge of another customers email address as well as the file ID of the content they purchased.

Affects Plugins

easy-digital-downloads

Fixed in 3.3.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/d3f4de75-abf5-46e8-854d-be91ed74a5f3

Classification

Type

INCORRECT AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Arkadiusz Hydzik

Verified

No

WPVDB ID

d03a6469-08a9-4ed6-acc2-616ea1be3b10

Timeline

Publicly Published

2024-12-16 (about 1 year ago)

Added

2024-12-16 (about 1 year ago)

Last Updated

2024-12-17 (about 1 year ago)

Other

Published

Title

Published

2022-02-23

Title

WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion

Published

2024-06-20

Title

WishList Member X < 3.26.7 - Subscriber+ Privilege Escalation

Published

2023-10-26

Title

WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion

Published

2022-03-16

Title

Responsive Menu < 4.1.8 - Subscriber+ Arbitrary File Upload / Theme Deletion / Plugin Settings Update

Published

2026-04-20

Title

Responsive Blocks < 2.2.1 - Unauthenticated Open Email Relay via REST API 'email_to' Parameter