Skip to main content
Easy Digital Downloads Blog
WordPress Tutorials, Tips, and Resources to Help Grow Your Business

Last night a crucial security flaw was discovered in the checkout process of Easy Digital Downloads and fixed immediately. Version 1.4.4.2 was pushed out and takes care of the issue. Please update immediately if you are on less than 1.4.4.2.

Due to the nature of the flaw, we cannot go into detail about exactly what the flaw was or how it could be exploited, but it had to do with user accounts and it was severe. The flaw permitted an experienced user who knew exactly what they were doing (and knew how to exploit the issue) to potentially gain admin access to sites running specific versions of EDD with specific configurations.

EDD versions affected: 1.4.2 – 1.4.4.1.

Version 1.4.4.2 fixes the problem

The flaw was discovered by Adam of Mint Themes, who, thankfully, reported it immediately, allowing us to send out a patch within 30 minutes of the discovery.

Using WordPress and want to get Easy Digital Downloads for free?

Enter the URL to your WordPress website to install.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. We only recommend products that we believe will add value to our readers.

2 comments

  1. Pippin Williamson

    Thanks for the recent updates Pippin.

    I have discovered a couple of bugs that have been getting me very frustrated. Where is the best place to report them?

    1. Pippin Williamson

Leave a Reply

Your email address will not be published. Required fields are marked *