WordPress 3D FlipBook - PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin <= 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure vulnerability

WordPress 3D FlipBook - PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin = 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure vulnerability discovered by Kai Aizen in WordPress Plugin 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery...

CVE-2026-1314

The CVE-2026-1314 entry concerns the WordPress plugin “3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery”. It is vulnerable due to a missing capability check in send_post_pages_json() across all versions up to and including 1.16.17, allowing unauthenticated attackers to retr...

CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress plugin 3D FlipBook – PDF Flipbook Viewer和Flipbook Image Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

CVE-2025-5314

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via the ‘pdf-source’ parameter in all versions up to, and including, 2.3.65 due to insufficient input sanitization and output escaping. This makes it...

WordPress Plugin 3D FlipBook Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlipBook 1.16.15 and previous versions exist cross-site scripting vulnerability, the...

CVE-2025-5289

The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes ...

WordPress plugin 3D FlipBook 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlipBook 1.16.15 and previous versions exist cross-site scripting vulnerability, the...

CVE-2024-34561

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Stored XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook...

CVE-2023-6776

The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Ready Function’ field in all versions up to, and including, 1.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acce...

CVE-2022-4453

The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like...

WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Nature FlipBook versions = 1.7...

CVE-2024-11929

The Responsive FlipBook Plugin Wordpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the rfbwpsavesettings functionin all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2024-11929 Responsive FlipBook Plugin Wordpress <= 2.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Responsive FlipBook Plugin Wordpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the rfbwpsavesettings functionin all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

WordPress plugin Responsive FlipBook Plugin Wordpress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-11830 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.52 - Authenticated (Contributor+) Stored Cross-Site Scripting

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with...

WordPress plugin PDF Flipbook, 3D Flipbook—DearFlip 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. Cross-site scripting vulnerability exists i...

WordPress plugin Creates 3D Flipbook, PDF Flipbook 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Creates 3D Flipbook, PDF...

WordPress Creates 3D Flipbook, PDF Flipbook plugin <= 1.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Creates 3D Flipbook, PDF Flipbook versions = 1.2...