Lucene search
K

131 matches found

Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.10 views

PT-2024-24019

Name of the Vulnerable Software and Affected Versions e2pdf versions 1.20.27 and earlier Description The issue is a Cross-Site Request Forgery CSRF vulnerability in E2Pdf. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that th...

5.4CVSS5.3AI score0.002EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/10 6:13 a.m.4 views

WordPress E2Pdf plugin <= 1.20.27 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin e2pdf versions = 1.20.27...

5.4CVSS7AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.13 views

WordPress e2pdf Plugin <= 1.20.27 is vulnerable to Cross Site Request Forgery (CSRF)

Software e2pdf Type Plugin Vulnerable versions = 1.20.27 Fixed in 1.23.00 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31373 Patch priority Low CVSS severity Low 5.4 Developer E2Pdf.com PSID eb7251584702 Credits Steven Julian Required privileg...

5.4CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.30 views

E2Pdf < 1.20.24 - Authenticated(Administrator+) SQL Injection

Description The E2Pdf – Export To Pdf Tool for WordPress plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in all versions up to 1.20.24 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

7.6CVSS7.4AI score0.00534EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/28 12:15 p.m.5 views

CVE-2023-50849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...

7.2CVSS5.8AI score0.00534EPSS
Exploits0References1
NVD
NVD
added 2023/12/28 12:15 p.m.29 views

CVE-2023-50849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...

7.6CVSS0.00534EPSS
Exploits0References1
Prion
Prion
added 2023/12/28 12:15 p.m.14 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...

5.8CVSS8AI score0.00534EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/28 11:34 a.m.35 views

CVE-2023-50849 WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...

7.6CVSS8.1AI score0.00534EPSS
Exploits0References1
CVE
CVE
added 2023/12/28 11:34 a.m.68 views

CVE-2023-50849

CVE-2023-50849 describes an SQL Injection in the WordPress plugin “E2Pdf – Export To Pdf Tool for WordPress.” Affected versions are from n/a through 1.20.23. Root cause cited: Improper Neutralization of Special Elements used in an SQL Command. Patch status: Patched (as per Red Hat and original CV...

7.6CVSS7.8AI score0.00534EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/28 12:0 a.m.3 views

WordPress Plugin E2Pdf SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin E2Pdf...

7.6CVSS7.7AI score0.00534EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.6 views

PT-2023-31681 · WordPress · E2Pdf

Name of the Vulnerable Software and Affected Versions: E2Pdf – Export To Pdf Tool for WordPress versions 1.20.23 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential...

7.6CVSS7.7AI score0.00534EPSS
Exploits0References6
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.19 views

WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection

Software e2pdf Type Plugin Vulnerable versions = 1.20.23 Fixed in 1.20.24 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50849 Patch priority Low CVSS severity Low 7.6 Developer E2Pdf.com PSID dd0c2ff3afc5 Credits Muhammad Daffa Required privilege Administrator Published 21...

7.6CVSS7.2AI score0.00534EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/12/19 12:15 a.m.26 views

CVE-2023-46154

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...

7.2CVSS0.00735EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 12:15 a.m.6 views

CVE-2023-46154

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...

7.2CVSS7.3AI score0.00735EPSS
Exploits0References1
Prion
Prion
added 2023/12/19 12:15 a.m.22 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...

5.8CVSS7.2AI score0.00735EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/18 11:52 p.m.107 views

CVE-2023-46154

The CVE-2023-46154 entry describes a PHP Object Injection (deserialization) vulnerability in the E2Pdf – Export To Pdf Tool for WordPress plugin. Exploitation requires Administrator privileges and affects versions up to 1.20.18; the issue can lead to arbitrary object injection due to untrusted da...

7.2CVSS7.5AI score0.00735EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/18 11:52 p.m.39 views

CVE-2023-46154 WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...

6.6CVSS7.2AI score0.00735EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.5 views

WordPress Plugin E2Pdf Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

7.2CVSS6.8AI score0.00735EPSS
Exploits0References3
OSV
OSV
added 2023/12/15 8:15 a.m.5 views

CVE-2023-6826

The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...

7.2CVSS6.5AI score0.01274EPSS
Exploits0References4
NVD
NVD
added 2023/12/15 8:15 a.m.26 views

CVE-2023-6826

The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...

7.2CVSS0.01274EPSS
Exploits0References4
Rows per page
Query Builder