Skip to content

Add CVE-2023-30869 (vKEV) #14134

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Dec 1, 2025
Merged

Add CVE-2023-30869 (vKEV) #14134

merged 4 commits into from
Dec 1, 2025

Conversation

@daffainfo
Copy link
Contributor

@daffainfo daffainfo commented Nov 30, 2025

PR Information

Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1.

Template validation

  • Validated with a host running a vulnerable version and/or configuration (True Positive)
  • Validated with a host running a patched version and/or configuration (avoid False Positive)

@DhiyaneshGeek DhiyaneshGeek added the Done Ready to merge label Nov 30, 2025
@DhiyaneshGeek
Copy link
Member

DhiyaneshGeek commented Nov 30, 2025

Hi @daffainfo

i have successfully validated locally

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.5.1

		projectdiscovery.io

[INF] Current nuclei version: v3.5.1 (latest)
[INF] Current nuclei-templates version: v10.3.4 (latest)
[INF] New templates added in latest release: 0
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[CVE-2023-30869] Easy Digital Downloads - Privilege Escalation (@daffainfo) [critical]
[CVE-2023-30869] [http] [critical] http://0.0.0.0:8080/wp-login.php ["Username: pdteam. Password: 5hpo4qpp"]
[INF] Scan completed in 1.049481833s. 1 matches found.

@DhiyaneshGeek DhiyaneshGeek merged commit e5a998e into projectdiscovery:main Dec 1, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DhiyaneshGeek DhiyaneshGeek DhiyaneshGeek approved these changes

Assignees

@theamanrawat theamanrawat

Labels

Done Ready to merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@daffainfo @DhiyaneshGeek @theamanrawat