Lucene search
K

50 matches found

CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress Plugin e2pdf 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

6.5CVSS6AI score0.0016EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57557

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00402EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-59036

Malicious code in bioql PyPI...

7.2CVSS7.6AI score0.01274EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.7 views

CVE-2023-5229

The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00402EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 2:7 a.m.9 views

CVE-2023-6826

The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...

7.2CVSS7.6AI score0.01274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:18 p.m.18 views

CVE-2024-37415 WordPress E2Pdf plugin <= 1.20.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in E2Pdf.Com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through 1.20.27...

5.4CVSS6.9AI score0.00312EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.4 views

WordPress plugin e2pdf 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.5AI score0.00312EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.20 views

WordPress e2pdf Plugin <= 1.25.05 is vulnerable to Cross Site Scripting (XSS)

Software e2pdf Type Plugin Vulnerable versions = 1.25.05 Fixed in 1.25.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43318 Patch priority Low CVSS severity Low 6.5 Developer E2Pdf.com PSID 618e2ecf6073 Credits LVT-tholv2k Required privilege Contributor Publish...

6.5CVSS6.9AI score0.00246EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/28 8:1 a.m.8 views

WordPress E2Pdf plugin <= 1.20.27 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin e2pdf versions = 1.20.27...

5.4CVSS7AI score0.00312EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.18 views

WordPress e2pdf Plugin <= 1.20.27 is vulnerable to Broken Access Control

Software e2pdf Type Plugin Vulnerable versions = 1.20.27 Fixed in 1.23.00 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37415 Patch priority Low CVSS severity Low 5.4 Developer E2Pdf.com PSID 4dae4c7543a5 Credits Steven Julian Required privilege Subscrib...

5.4CVSS6.3AI score0.00312EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.26 views

WordPress e2pdf Plugin <= 1.24.00 is vulnerable to Cross Site Scripting (XSS)

Software e2pdf Type Plugin Vulnerable versions = 1.24.00 Fixed in 1.25.01 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer E2Pdf.com PSID cc24959a7a9a Credits Yudistira Arya Required privilege Author Published 27...

6.8AI score0.72648EPSS
Exploits15References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/16 12:0 a.m.13 views

e2pdf < 1.23.00 - Cross-Site Request Forgery

Description The e2pdf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.20.27. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged...

5.4CVSS6.5AI score0.002EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/10 6:13 a.m.4 views

WordPress E2Pdf plugin <= 1.20.27 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin e2pdf versions = 1.20.27...

5.4CVSS7AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.13 views

WordPress e2pdf Plugin <= 1.20.27 is vulnerable to Cross Site Request Forgery (CSRF)

Software e2pdf Type Plugin Vulnerable versions = 1.20.27 Fixed in 1.23.00 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31373 Patch priority Low CVSS severity Low 5.4 Developer E2Pdf.com PSID eb7251584702 Credits Steven Julian Required privileg...

5.4CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/12/28 12:15 p.m.5 views

CVE-2023-50849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...

7.2CVSS5.8AI score0.00534EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.6 views

PT-2023-31681 · WordPress · E2Pdf

Name of the Vulnerable Software and Affected Versions: E2Pdf – Export To Pdf Tool for WordPress versions 1.20.23 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential...

7.6CVSS7.7AI score0.00534EPSS
Exploits0References6
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.18 views

WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection

Software e2pdf Type Plugin Vulnerable versions = 1.20.23 Fixed in 1.20.24 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50849 Patch priority Low CVSS severity Low 7.6 Developer E2Pdf.com PSID dd0c2ff3afc5 Credits Muhammad Daffa Required privilege Administrator Published 21...

7.6CVSS7.2AI score0.00534EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/18 11:52 p.m.38 views

CVE-2023-46154 WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...

6.6CVSS7.2AI score0.00735EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.5 views

WordPress Plugin E2Pdf Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

7.2CVSS6.8AI score0.00735EPSS
Exploits0References3
OSV
OSV
added 2023/12/15 8:15 a.m.5 views

CVE-2023-6826

The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...

7.2CVSS6.5AI score0.01274EPSS
Exploits0References4
Rows per page
Query Builder