46 matches found
CVE-2026-7650
The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the e2pdf-download shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping on the shortcode...
CVE-2026-42681 WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42681 WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42681
CVE-2026-42681 affects the WordPress plugin e2pdf (versions up to 1.32.14). The issue is a Reflected XSS due to improper neutralization during web page generation, enabling cross-site scripting. CVSSv3.1 base score 7.1 (HIGH) with Network attack vector, Low confidentiality/integrity/availability ...
WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin e2pdf versions = 1.32.14...
CVE-2026-7650
The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the e2pdf-download shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping on the shortcode...
CVE-2026-7650
The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the e2pdf-download shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping on the shortcode...
CVE-2026-7650 E2Pdf – Export Pdf Tool for WordPress <= 1.32.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the e2pdf-download shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping on the shortcode...
WordPress plugin E2Pdf – Export Pdf Tool for WordPress 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-32442
The CVE-2026-32442 entry concerns the WordPress e2pdf plugin with versions up to 1.28.15. It is a Missing Authorization/Broken Access Control vulnerability arising from incorrectly configured access control security levels in e2pdf, allowing inappropriate access due to insufficient authorization ...
CVE-2026-32442 WordPress e2pdf plugin <= 1.28.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through = 1.28.15...
WordPress e2pdf plugin <= 1.28.15 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Steven Julian in WordPress Plugin e2pdf versions = 1.28.15...
CVE-2022-0535
The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2025-62068 WordPress e2pdf plugin <= 1.28.09 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through = 1.28.09...
CVE-2025-62068 WordPress e2pdf plugin <= 1.28.09 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through = 1.28.09...
CVE-2025-62068
CVE-2025-62068 affects WordPress plugin E2Pdf (versions
WordPress Plugin e2pdf 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...
EUVD-2023-59036
Malicious code in bioql PyPI...
EUVD-2023-57557
Malicious code in bioql PyPI...
CVE-2023-5229
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...