Kitgenix Plugin Score

Easy Digital Downloads – eCommerce Payments and Subscriptions made easy

Slug: easy-digital-downloads · Syed Balkhi · 40,000+

Actively maintained
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy banner image

Overall Score

Scan this plugin to generate a full score report

--
Not Yet Scanned

What this score means

Scores are calculated on a 100-point scale by analysing six weighted categories: Security, WP.org Readiness, Performance, Code Quality, Accessibility, and Vulnerabilities. Open vulnerabilities are weighted by severity, CVSS, and patch availability, and incomplete source data can reduce confidence slightly.

  • Excellent The plugin follows best practices across every measured category. It is well-maintained, low-risk, and recommended for production use.
  • Good Strong overall quality with minor areas for improvement. Generally safe to use on most sites.
  • Needs Review Some areas of concern detected. Review the full issues report and weigh the risks before installing on production.
  • High Risk Significant quality or security problems found. Exercise caution — check the details carefully before using this plugin.
No scan has been completed yet. Vulnerability and issue data will appear after the first scan.
  • Wordfence: June 10, 2026 7:46 am (37 minutes ago)

Actions

View on WordPress.org Download Plugin
After the first scan, this plugin will be automatically re-scanned every 30 days.
Export report: CSV JSON

Score Breakdown

Shield
Security
--
Pending Scan
W
WP.org Readiness
--
Pending Scan
Speed
Performance
--
Pending Scan
Code
Code Quality
--
Pending Scan
A11y
Accessibility
--
Pending Scan
Bug
Vulnerability Status
--
Pending Scan

Plugin Details

Scan Summary

  • Errors: 0
  • Warnings: 0
  • Notices: 0
  • Last Scanned: N/A
No scan results yet. Start the first scan to populate this summary.

Detected Issues

No issues to display yet. Run the first scan to generate findings.

Score History

No history available yet. · All-Time High: N/A

All Past Vulnerabilities

Showing all known historical vulnerabilities for this plugin, including open and closed records.

Vulnerability CVE Severity Status Affected Versions Patched Version Updated Source
Easy Digital Downloads <= 3.2.6 - Cross-Site Request Forgery N/A LOW Closed *-3.2.6 3.2.7 2024-04-05 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.9.15 - Stored Cross-Site Scripting N/A LOW Closed [*, 2.9.16) 2.9.16 2019-06-12 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.11 - Cross-Site Request Forgery N/A LOW Closed *-3.2.11 3.2.12 2024-05-09 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.3.2 - SQL Injection N/A LOW Closed *-2.3.2 2.3.3 2020-09-22 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.11.2 - Reflected Cross-Site Scripting N/A LOW Closed *-2.11.2 2.11.2.1 2021-10-19 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization N/A LOW Closed *-3.3.3 3.3.4 2024-09-23 00:00:00 Wordfence
Easy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions N/A LOW Closed *-3.5.0 3.5.1 2025-08-19 23:05:32 Wordfence
Easy Digital Downloads <= 2.11.2 - Reflected Cross-Site Scripting N/A LOW Closed *-2.11.2 2.11.2.1 2021-10-21 16:05:00 Wordfence
Easy Digital Downloads < 3.1.0.4 - SQL Injection N/A LOW Closed *-3.1.0.3 3.1.0.4 2023-01-12 00:00:00 Wordfence
Easy Digital Download <= 3.5.2 - Insufficient Verification to Order Manipulation N/A LOW Closed *-3.5.2 3.5.3 2025-11-05 16:27:52 Wordfence
Easy Digital Downloads (Various Versions) - Cross-Site Scripting N/A LOW Closed 1.8-1.8.6, 1.9-1.9.9, 2.0-2.0.4, 2.1-2.1.10, 2.2-2.2.8, 2.3-2.3.6 1.8.7 2015-04-20 00:00:00 Wordfence
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Title N/A LOW Closed *-3.3.2 3.3.3 2025-01-17 00:00:00 Wordfence
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.6.5 - Missing Authorization N/A LOW Closed *-3.6.5 3.6.6 2026-04-20 00:00:00 Wordfence
Easy Digital Downloads <= 3.6.2 - Unvalidated Redirect in Password Reset Flow via edd_redirect N/A LOW Closed *-3.6.2 3.6.3 2025-12-30 17:50:22 Wordfence
Easy Digital Downloads <= 2.11.5 - Admin+ Cross-Site Scripting N/A LOW Closed [*, 2.11.6) 2.11.6 2022-03-28 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.12 - Unauthenticated SQL Injection N/A LOW Closed *-3.2.12 3.3.1 2024-08-01 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.6 - Authenticated(Shop Manager+) Stored Cross-Site Scripting via variable pricing options N/A LOW Closed *-3.2.6 3.2.7 2024-02-02 00:00:00 Wordfence
Easy Digital Downloads <= 2.11.5 - Cross-Site Request Forgery N/A LOW Closed [*, 2.11.6) 2.11.6 2022-04-09 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.10.2 - Cross-Site Request Forgery N/A LOW Closed *-2.10.2 2.10.3 2021-04-16 00:00:00 Wordfence
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.2.9 - Sensitive Information Exposure N/A LOW Closed *-3.2.9 3.2.10 2024-04-03 00:00:00 Wordfence
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings N/A LOW Closed *-3.3.2 3.3.3 2024-08-09 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting N/A LOW Closed *-3.2.5 3.2.6 2023-12-27 00:00:00 Wordfence
Easy Digital Downloads <= 3.3.2 - Authenticated (Admin+) Arbitrary File Download N/A LOW Closed *-3.3.2 3.3.3 2024-12-20 21:27:52 Wordfence
Easy Digital Downloads <= 2.11.7 - Cross-Site Request Forgery to Arbitrary Post Deletion N/A LOW Closed *-2.11.7 3.0 2022-10-17 00:00:00 Wordfence
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Agreement Text N/A LOW Closed *-3.3.2 3.3.3 2024-08-09 00:00:00 Wordfence
Easy Digital Downloads <= 3.1.0.1.1 - Unauthenticated CSV Injection N/A LOW Closed *-3.1.0.1.1 3.1.0.2 2022-09-28 00:00:00 Wordfence
Easy Digital Downloads <= 3.1.1.4.2 - Cross-Site Request Forgery via edd_trigger_upgrades N/A LOW Closed [*, 3.1.2) 3.1.2 2023-06-07 00:00:00 Wordfence
Easy Digital Downloads <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking via 'square_tokens' Parameter N/A LOW Closed *-3.6.7 3.6.8 2026-05-27 17:18:24 Wordfence
Easy Digital Downloads <= 3.1.5 - Missing Authorization N/A LOW Closed *-3.1.5 3.2.0 2023-12-26 00:00:00 Wordfence
Easy Digital Downloads <= 3.1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode N/A LOW Closed *-3.1.0.4 3.1.0.5 2023-01-30 00:00:00 Wordfence
Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass N/A LOW Closed 3.1-3.3.4 3.3.5 2024-12-16 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.12 - Missing Authorization N/A LOW Closed *-3.2.12 3.3.1 2024-08-07 00:00:00 Wordfence
Easy Digital Downloads <= 3.2.11 - Unauthenticated Sensitive Information Exposure N/A LOW Closed *-3.2.11 3.2.12 2024-05-09 00:00:00 Wordfence
Easy Digital Downloads <= 3.0.1 - PHP Object Injection N/A LOW Closed *-3.0.1 3.0.2 2022-08-10 00:00:00 Wordfence
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.3.6 - Cross-Site Scripting N/A LOW Closed [*, 1.8.7), [1.9, 1.9.10), [2.0, 2.0.5), [2.1, 2.1.11), [2.2, 2.2.9), [2.3, 2.3.7) 1.8.7 2015-04-20 00:00:00 Wordfence
Easy Digital Downloads <= 2.10.2 - Cross-Site Request Forgery N/A LOW Closed [*, 2.10.3) 2.10.3 2021-04-14 00:00:00 Wordfence
Easy Digital Downloads <= 2.5.7 - PHP Object Injection N/A LOW Closed *-2.5.7 2.5.8 2016-03-02 00:00:00 Wordfence
Easy Digital Downloads <= 2.10.3 - Reflected Cross-Site Scripting N/A LOW Closed *-2.10.3 2.10.4 2021-05-04 00:00:00 Wordfence
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure N/A LOW Closed *-3.3.6.1 3.3.7 2025-03-24 00:00:00 Wordfence
Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode N/A LOW Closed *-3.3.8.1 3.3.9 2025-05-28 19:44:57 Wordfence
Easy Digital Downloads 3.1 - 3.1.1.4.1 - Unauthenticated Arbitrary Password Reset to Privilege Escalation N/A LOW Closed [3.1, 3.1.1.4.2) 3.1.1.4.2 2023-05-02 00:00:00 Wordfence