VYPR

Email Before Download

by WordPress

CVEs (2)

  • CVE-2021-24748HigNov 29, 2021
    risk 0.57cvss 8.8epss 0.01

    The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection issues

  • CVE-2024-23519MedFeb 29, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in M&S Consulting Email Before Download.This issue affects Email Before Download: from n/a through 6.9.7.