WPDM – Premium Packages

Shahjada

Developer

6.2.0

Latest version

3,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

9 patched

3 Mitigation rules

Cross Site Request Forgery (CSRF) Vulnerability
<= 6.0.2
14/08/2025
Cross Site Scripting (XSS) Vulnerability
<= 6.0.6
05/06/2025
SQL Injection vulnerability
<= 5.9.6
24/01/2025
Reflected Cross-Site Scripting via add_query_arg vulnerability
<= 5.9.3
21/11/2024
WordPress Premium Packages - Sell Digital Products Securely plugin <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdmpp_pay_link Shortcode vulnerability
<= 5.9.3
20/11/2024
SQL Injection vulnerability
<= 6.0.5
15/11/2024
Cross-Site Request Forgery vulnerability
<= 5.9.1
24/09/2024
Cross Site Scripting (XSS) vulnerability
<= 5.8.2
25/03/2024
Arbitrary User Meta Update to Authenticated (Subscriber+) Privilege Escalation vulnerability
<= 5.7.4
14/08/2023