WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.21 is vulnerable to Cross Site Scripting (XSS)

Software PDF Poster - PDF Embedder Plugin for WordPress Type Plugin Vulnerable versions = 2.1.21 Fixed in 2.1.22 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 9ee58daffa95 Credits Yudistir...

CVE-2024-34561

CVE-2024-34561 affects the Real 3D FlipBook WordPress Plugin family (3D FlipBook, PDF Viewer, PDF Embedder). Connected data confirms a Stored Cross-Site Scripting vulnerability in 3D FlipBook

WordPress 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin Plugin <= 3.71 is vulnerable to Cross Site Scripting (XSS)

Software 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin Type Plugin Vulnerable versions = 3.71 Fixed in 3.72 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34561 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID...

WordPress Google Doc Embedder plugin <= 2.6.4 - Authenticated (Contributor+) Blind Server Side Request Forgery vulnerability

Authenticated Contributor+ Blind Server Side Request Forgery vulnerability discovered by István Márton in WordPress Plugin Google Document Embedder versions = 2.6.4...

CVE-2024-0216

The CVE-2024-0216 entry for Google Doc Embedder (WordPress) is a SSRF vulnerability in the gview shortcode present in WordPress plugin versions up to 2.6.4. Reported impact states that authenticated users with contributor permissions can cause the application to make outbound requests to arbitrar...

WordPress Google Document Embedder Plugin <= 2.6.4 is vulnerable to Server Side Request Forgery (SSRF)

Software Google Document Embedder Type Plugin Vulnerable versions = 2.6.4 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-0216 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID bfeba1aa8dc2 Credits István Márton Required...

WordPress plugin Google Doc Embedder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-15391 · WordPress · Google Doc Embedder

Name of the Vulnerable Software and Affected Versions: Google Doc Embedder plugin for WordPress versions up to, and including, 2.6.4 Description: The issue allows authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating from the w...

Google Doc Embedder <= 2.6.4 - Authenticated (Contributor+) Blind Server Side Request Forgery

Description The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations...

3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin < 3.63 - Reflected Cross-Site Scripting

Description The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 3.62 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-32694

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Reflected XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook...

CVE-2024-32694 WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Reflected XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook...

WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Real 3D FlipBook versions = 3.62...

PDF Embedder < 4.7.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

CVE-2024-29141

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

CVE-2024-29141

CVE-2024-29141 concerns the WordPress plugin PDF Embedder. Multiple sources confirm an stored XSS due to improper input neutralization during web page generation, affecting PDF Embedder versions up to 4.6.4 (no public details beyond this in the provided docs). The vulnerability enables stored cro...

CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

WordPress Plugin PDF Embedder Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. WordPress Plugin PDF Embedder There i...

PT-2024-22761 · Unknown · Pdf Embedder

Name of the Vulnerable Software and Affected Versions: PDF Embedder versions n/a through 4.6.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...