131 matches found
PT-2024-24019
Name of the Vulnerable Software and Affected Versions e2pdf versions 1.20.27 and earlier Description The issue is a Cross-Site Request Forgery CSRF vulnerability in E2Pdf. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that th...
WordPress E2Pdf plugin <= 1.20.27 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin e2pdf versions = 1.20.27...
WordPress e2pdf Plugin <= 1.20.27 is vulnerable to Cross Site Request Forgery (CSRF)
Software e2pdf Type Plugin Vulnerable versions = 1.20.27 Fixed in 1.23.00 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31373 Patch priority Low CVSS severity Low 5.4 Developer E2Pdf.com PSID eb7251584702 Credits Steven Julian Required privileg...
E2Pdf < 1.20.24 - Authenticated(Administrator+) SQL Injection
Description The E2Pdf – Export To Pdf Tool for WordPress plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in all versions up to 1.20.24 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2023-50849
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...
CVE-2023-50849
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...
CVE-2023-50849 WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...
CVE-2023-50849
CVE-2023-50849 describes an SQL Injection in the WordPress plugin “E2Pdf – Export To Pdf Tool for WordPress.” Affected versions are from n/a through 1.20.23. Root cause cited: Improper Neutralization of Special Elements used in an SQL Command. Patch status: Patched (as per Red Hat and original CV...
WordPress Plugin E2Pdf SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin E2Pdf...
PT-2023-31681 · WordPress · E2Pdf
Name of the Vulnerable Software and Affected Versions: E2Pdf – Export To Pdf Tool for WordPress versions 1.20.23 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential...
WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection
Software e2pdf Type Plugin Vulnerable versions = 1.20.23 Fixed in 1.20.24 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50849 Patch priority Low CVSS severity Low 7.6 Developer E2Pdf.com PSID dd0c2ff3afc5 Credits Muhammad Daffa Required privilege Administrator Published 21...
CVE-2023-46154
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...
CVE-2023-46154
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...
CVE-2023-46154
The CVE-2023-46154 entry describes a PHP Object Injection (deserialization) vulnerability in the E2Pdf – Export To Pdf Tool for WordPress plugin. Exploitation requires Administrator privileges and affects versions up to 1.20.18; the issue can lead to arbitrary object injection due to untrusted da...
CVE-2023-46154 WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18...
WordPress Plugin E2Pdf Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
CVE-2023-6826
The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...
CVE-2023-6826
The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importaction' function in versions up to, and including, 1.20.25. This makes it possible for authenticated attackers with a role that the administrator previously granted access...