Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.8 views

CVE-2021-24684

The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript...

9CVSS7.8AI score0.04268EPSS
Exploits2References1
NVD
NVD
added 2021/10/18 2:15 p.m.13 views

CVE-2021-24684

The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript...

9CVSS0.04268EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/10/18 12:0 a.m.3 views

WordPress 插件 操作系统命令注入漏洞

WordPress plugin is a WordPress open source application plugin . WordPress PDF Light Viewer plugin version 1.4.12 before the existence of operating system command injection vulnerability, an attacker can exploit the vulnerability in the call Ghostscript through the OS command injection on the...

9CVSS8.4AI score0.04268EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/09/15 12:0 a.m.24 views

PDF Light Viewer < 1.4.12 - Authenticated Command Injection

The plugin allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript. PoC 1 Go to Import PDF. 2 Select PDF file. 3 Set compression as 60 | calc | echo 4 Toggle import the first checkbox 5 Publish or update 6 Command executes...

9CVSS4.3AI score0.04268EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/09/15 12:0 a.m.819 views

PDF Light Viewer < 1.4.12 - Authenticated Command Injection

The plugin allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript. 1 Go to Import PDF. 2 Select PDF file. 3 Set compression as 60 | calc | echo 4 Toggle import the first checkbox 5 Publish or update 6 Command executes...

9CVSS2.5AI score0.04268EPSS
Exploits2
Rows per page
Query Builder