Lucene search
K

CVE-2023-5229

🗓️ 31 Oct 2023 13:54:41Reported by WPScanType 
cve
 cve
🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

The E2Pdf WordPress plugin before 1.20.20 allows Cross-Site Scriptin

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
Circl
CVE-2023-5229
31 Oct 202317:21
circl
CNNVD
WordPress Plugin E2Pdf Cross-Site Scripting Vulnerability
31 Oct 202300:00
cnnvd
Cvelist
CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping
31 Oct 202313:54
cvelist
EUVD
EUVD-2023-57557
3 Oct 202520:07
euvd
NVD
CVE-2023-5229
31 Oct 202314:15
nvd
OSV
CVE-2023-5229
31 Oct 202314:15
osv
Patchstack
WordPress e2pdf Plugin < 1.20.20 is vulnerable to Cross Site Scripting (XSS)
31 Oct 202300:00
patchstack
Prion
Cross site scripting
31 Oct 202314:15
prion
Positive Technologies
PT-2023-31958 · WordPress · E2Pdf
31 Oct 202300:00
ptsecurity
RedhatCVE
CVE-2023-5229
23 May 202504:31
redhatcve
Rows per page
NVD
Vulners
Node
e2pdfe2pdfRange<1.20.20wordpress
[
  {
    "vendor": "Unknown",
    "product": "E2Pdf",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "1.20.20"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]
ParameterPositionPathDescriptionCWE
titlerequest body/wp-admin/admin.php?page=e2pdf-templatesXSS via unsanitized/ungescaped template title when saving a new E2Pdf template.CWE-79
contentrequest body/wp-admin/admin.php?page=e2pdf-templatesXSS via unsanitized/ungescaped template title when saving a new E2Pdf template.CWE-79
template_namerequest body/wp-admin/admin.php?page=e2pdf-templatesXSS via unsanitized/ungescaped template title when saving a new E2Pdf template.CWE-79
actionquery param/wp-admin/admin.php?page=e2pdf-templatesBackup action on an E2Pdf template which can trigger or reflect user-provided data in an unsafe context.CWE-79
idquery param/wp-admin/admin.php?page=e2pdf-templatesBackup action on an E2Pdf template which can trigger or reflect user-provided data in an unsafe context.CWE-79
pagequery param/wp-admin/admin.php?page=e2pdf-templatesBackup action on an E2Pdf template which can trigger or reflect user-provided data in an unsafe context.CWE-79
pagequery param/wp-admin/admin.phpOther affected E2Pdf admin pages that may reflect unsanitized input (e2pdf page and bulk action).CWE-79
actionquery param/wp-admin/admin.phpOther affected E2Pdf admin pages that may reflect unsanitized input (e2pdf page and bulk action).CWE-79

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 06:48Current
4.7Medium risk
Vulners AI Score4.7
CVSS 3.14.8
EPSS0.00402
SSVC
46