WordPress Easy Digital Downloads plugin 3.1.0.2 and 3.1.0.3 contains a SQL injection vulnerability in the s parameter of its edd_download_search action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
View the template here CVE-2023-23489.yaml
References:
https://www.tenable.com/security/research/tra-2023-2