Security Advisory

CVE-2025-2252

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-25 07:04:54

Last updated 2026-04-08 17:11:41

Assigner Wordfence

State PUBLISHED

Description

The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.6.1 via the edd_ajax_get_download_title() function. This makes it possible for unauthenticated attackers to extract private post titles of downloads. The impact here is minimal.

← Browse all CVEs View on cve.org ↗