59 matches found
CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...
CVE-2024-29141
CVE-2024-29141 concerns the WordPress plugin PDF Embedder. Multiple sources confirm an stored XSS due to improper input neutralization during web page generation, affecting PDF Embedder versions up to 4.6.4 (no public details beyond this in the provided docs). The vulnerability enables stored cro...
CVE-2024-29141 WordPress PDF Embedder plugin <= 4.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...
PT-2024-22761 · Unknown · Pdf Embedder
Name of the Vulnerable Software and Affected Versions: PDF Embedder versions n/a through 4.6.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...
WordPress Plugin PDF Embedder Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. WordPress Plugin PDF Embedder There i...
WordPress PDF Embedder Plugin <= 4.6.4 is vulnerable to Cross Site Scripting (XSS)
Software PDF Embedder Type Plugin Vulnerable versions = 4.6.4 Fixed in 4.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29141 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 78231154a353 Credits Steven Julian Required privilege...
CVE-2024-23508
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2024-23508
CVE-2024-23508 affects the WordPress plugin PDF Poster – PDF Embedder (bPlugins) up to version 2.1.17. Root cause is improper input neutralization leading to a reflected XSS. A fix is available in version 2.1.18; upgrade recommended. Other sources reiterate the same: vulnerable
CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
PDF Poster - PDF Embedder Plugin for WordPress < 2.1.18 - Reflected Cross-Site Scripting
Description The PDF Poster - PDF Embedder Plugin for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.1.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Software PDF Poster - PDF Embedder Plugin for WordPress Type Plugin Vulnerable versions = 2.1.17 Fixed in 2.1.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-23508 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 77b3bf7aca30 Credits Le Ng...
CVE-2019-19589
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...
CVE-2019-19589
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...
Design/Logic Flaw
DISPUTED The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file...
CVE-2019-19589
The CVE-2019-19589 affects the Lever PDF Embedder plugin for WordPress (v4.4). The vulnerability stems from the plugin not blocking polyglot PDF documents that are valid JAR archives during distribution, with the upload process controlled by WordPress core rather than the plugin itself. This mean...
CVE-2019-19589
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...
CVE-2019-19589
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...
PT-2019-15878 · Lever +1 · Lever Pdf Embedder +1
Name of the Vulnerable Software and Affected Versions: The Lever PDF Embedder plugin version 4.4 for WordPress Description: The issue concerns the distribution of polyglot PDF documents that are valid JAR archives. However, it has been argued that the plugin itself does not control the file uploa...