53 matches found

RedhatCVE
added 2026/06/05 7:34 p.m. | 6 views

CVE-2026-49047

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVSS 4.3 | AI score 5.4 | EPSS 0.00162
Exploits 0 | References 1
WPVulnDB
added 2026/06/01 12:0 a.m. | 7 views

DearFlip – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer < 2.4.30 - Missing Authorization

Description: The DearFlip – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.4.29. This makes it possible for authenticated attackers, with contributor-leve...

CVSS 4.3 | AI score 5.5 | EPSS 0.00162
Exploits 0 | References 1
NVD
added 2026/05/27 3:16 p.m. | 14 views

CVE-2026-49047

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVSS 4.3 | EPSS 0.00162
Exploits 0 | References 1
Vulnrichment
added 2026/05/27 2:51 p.m. | 9 views

CVE-2026-49047 WordPress DearFlip plugin <= 2.4.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | References 1
Cvelist
added 2026/05/27 2:51 p.m. | 41 views

CVE-2026-49047 WordPress DearFlip plugin <= 2.4.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVSS 4.3 | EPSS 0.00162
Exploits 0 | References 1
EUVD
added 2026/05/27 2:51 p.m. | 14 views

EUVD-2026-32540

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | References 1
CVE
added 2026/05/27 2:51 p.m. | 31 views

CVE-2026-49047

The CVE describes a Missing Authorization / Broken Access Control issue in the WordPress DearFlip (DearFlip) plugin; affected versions are WordPress DearFlip up to 2.4.27. The root cause is incorrectly configured access control security levels in DearFlip, enabling a lack of proper authorization ...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | References 1
Patchstack
added 2026/05/27 2:50 p.m. | 10 views

WordPress DearFlip plugin <= 2.4.29 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by timomangcut in WordPress Plugin DearFlip versions <= 2.4.29...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | Affected Software 1
CNNVD
added 2026/05/27 12:0 a.m. | 5 views

WordPress plugin DearFlip security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | References 1
Positive Technologies
added 2026/05/27 12:0 a.m. | 11 views

PT-2026-44025

Name of the Vulnerable Software and Affected Versions: DearFlip versions prior to 2.4.28. Description: A missing authorization issue in DearHive DearFlip allows for the exploitation of incorrectly configured access control security levels. This is a broken access control flaw where the system fails ...

CVSS 4.3 | AI score 5.8 | EPSS 0.00162
Exploits 0 | References 4
Patchstack
added 2026/03/10 10:11 p.m. | 4 views

WordPress Dear Flipbook plugin <= 2.4.20 - Authenticated (Author+) Stored Cross-Site Scripting via PDF Page Labels vulnerability

Authenticated (Author+) Stored Cross-Site Scripting via PDF Page Labels vulnerability discovered by Drew Webber mcdruid in WordPress Plugin DearFlip versions <= 2.4.20...

CVSS 6.4 | AI score 5.8 | EPSS 0.00152
Exploits 0 | References 1 | Affected Software 1
Patchstack
added 2026/02/03 12:40 p.m. | 5 views

WordPress PDF Flipbook, 3D Flipbook - DearFlip plugin <= 2.2.26 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress PDF Flipbook, 3D Flipbook - DearFlip plugin <= 2.2.26 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by Muhammad Daffa in WordPress Plugin DearFlip versions <= 2.2.26...

CVSS 5.4 | AI score 5.3 | EPSS 0.00442
Exploits 0 | References 1 | Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2024-34341

Malicious code in bioql PyPI...

CVSS 6.4 | AI score 7.2 | EPSS 0.00306
Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-26801

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 8.6 | EPSS 0.00336
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-16677

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 6.6 | EPSS 0.00442
Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-49369

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.3 | EPSS 0.00421
Exploits 0 | References 3
Patchstack
added 2025/07/01 9:30 p.m. | 4 views

WordPress DearFlip plugin <= 2.3.65 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source' vulnerability

DOM-Based Reflected Cross-Site Scripting via 'pdf-source' vulnerability discovered by Martin Herancourt in WordPress Plugin DearFlip versions <= 2.3.65...

CVSS 6.1 | AI score 6 | EPSS 0.0026
Exploits 0 | References 1 | Affected Software 1
RedhatCVE
added 2025/05/23 10:3 a.m. | 13 views

CVE-2024-29807

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DearHive DearFlip allows Stored XSS. This issue affects DearFlip: from n/a through 2.2.26...

CVSS 6.5 | AI score 8.6 | EPSS 0.00336
Exploits 0 | References 1
RedhatCVE
added 2025/05/23 6:57 a.m. | 2 views

CVE-2024-11830

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with...

CVSS 6.4 | AI score 5.8 | EPSS 0.00306
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 8:32 p.m. | 11 views

CVE-2021-24732

The PDF Flipbook, 3D Flipbook WordPress – DearFlip WordPress plugin before 1.7.10 does not escape the class attribute of its shortcode before outputting it back in an attribute, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 | AI score 5.5 | EPSS 0.00629
Exploits 2 | References 1