Lucene search
K

59 matches found

Cvelist
Cvelist
added 2024/03/19 1:19 p.m.27 views

CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

5.5CVSS6.6AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2024/03/19 1:19 p.m.59 views

CVE-2024-29141

CVE-2024-29141 concerns the WordPress plugin PDF Embedder. Multiple sources confirm an stored XSS due to improper input neutralization during web page generation, affecting PDF Embedder versions up to 4.6.4 (no public details beyond this in the provided docs). The vulnerability enables stored cro...

6.5CVSS8.6AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 1:19 p.m.11 views

CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

6.5CVSS6.5AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.4 views

PT-2024-22761 · Unknown · Pdf Embedder

Name of the Vulnerable Software and Affected Versions: PDF Embedder versions n/a through 4.6.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

6.5CVSS9.2AI score0.00294EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.4 views

WordPress Plugin PDF Embedder Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. WordPress Plugin PDF Embedder There i...

6.5CVSS5.9AI score0.00294EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/18 12:0 a.m.11 views

WordPress PDF Embedder Plugin <= 4.6.4 is vulnerable to Cross Site Scripting (XSS)

Software PDF Embedder Type Plugin Vulnerable versions = 4.6.4 Fixed in 4.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29141 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 78231154a353 Credits Steven Julian Required privilege...

6.5CVSS6.6AI score0.00294EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/01/31 4:15 p.m.1 views

CVE-2024-23508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

6.1CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/31 3:21 p.m.6 views

CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

7.1CVSS7.2AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2024/01/31 3:21 p.m.96 views

CVE-2024-23508

CVE-2024-23508 affects the WordPress plugin PDF Poster – PDF Embedder (bPlugins) up to version 2.1.17. Root cause is improper input neutralization leading to a reflected XSS. A fix is available in version 2.1.18; upgrade recommended. Other sources reiterate the same: vulnerable

7.1CVSS7.1AI score0.00331EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/31 3:21 p.m.26 views

CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

7.1CVSS7.2AI score0.00331EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/26 12:0 a.m.13 views

PDF Poster - PDF Embedder Plugin for WordPress < 2.1.18 - Reflected Cross-Site Scripting

Description The PDF Poster - PDF Embedder Plugin for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.1.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

5.8CVSS6.1AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/01/24 12:0 a.m.12 views

WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Software PDF Poster - PDF Embedder Plugin for WordPress Type Plugin Vulnerable versions = 2.1.17 Fixed in 2.1.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-23508 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 77b3bf7aca30 Credits Le Ng...

7.1CVSS7AI score0.00331EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/12/05 4:15 a.m.2 views

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

9.8CVSS5.7AI score0.01771EPSS
Exploits1References2
NVD
NVD
added 2019/12/05 4:15 a.m.20 views

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

9.8CVSS9.5AI score0.01771EPSS
Exploits1References2
Prion
Prion
added 2019/12/05 4:15 a.m.19 views

Design/Logic Flaw

DISPUTED The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file...

7.5CVSS9.4AI score0.01771EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/12/05 3:16 a.m.74 views

CVE-2019-19589

The CVE-2019-19589 affects the Lever PDF Embedder plugin for WordPress (v4.4). The vulnerability stems from the plugin not blocking polyglot PDF documents that are valid JAR archives during distribution, with the upload process controlled by WordPress core rather than the plugin itself. This mean...

9.8CVSS9.3AI score0.01771EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/12/05 3:16 a.m.19 views

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

6.9AI score0.01771EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/12/05 3:16 a.m.26 views

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

9.5AI score0.01771EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2019/12/05 12:0 a.m.4 views

PT-2019-15878 · Lever +1 · Lever Pdf Embedder +1

Name of the Vulnerable Software and Affected Versions: The Lever PDF Embedder plugin version 4.4 for WordPress Description: The issue concerns the distribution of polyglot PDF documents that are valid JAR archives. However, it has been argued that the plugin itself does not control the file uploa...

9.8CVSS6.9AI score0.01771EPSS
Exploits1References3
Rows per page
Query Builder