184 matches found
CVE-2025-14793 DK PDF – WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
WordPress DK PDF - WordPress PDF Generator plugin <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery vulnerability
WordPress DK PDF - WordPress PDF Generator plugin = 2.3.0 - Authenticated Author+ Server-Side Request Forgery vulnerability discovered by WordFence in WordPress Plugin DK PDF – WordPress PDF Generator versions = 2.3.0...
CVE-2025-14356
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-14356
CVE-2025-14356 — The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on uacf7_get_generated_pdf in all versions up to and including 3.5.33. The Wordfence report confirms authenticated users with Subscriber-level a...
PT-2025-50893
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7 get generated pdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...
EUVD-2025-202135
Cross-Site Request Forgery CSRF vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through = 1.4...
Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice
Impact This vulnerability allows malicious actors to force the application server to send HTTP requests to both external and internal servers. In certain cases, this may lead to access to internal resources such as databases, file systems, or other services that are not supposed to be directly...
EUVD-2008-3039
Malware in sbrugna...
EUVD-2008-3038
Malware in sbrugna...
EUVD-2008-3040
Malware in sbrugna...
EUVD-2021-1099
Malware in sbrugna...
EUVD-2024-45884
Malicious code in bioql PyPI...
EUVD-2025-14958
Malicious code in bioql PyPI...
EUVD-2025-21039
Malicious code in bioql PyPI...
EUVD-2023-59149
Malicious code in bioql PyPI...
EUVD-2025-9196
Malicious code in bioql PyPI...
EUVD-2022-41363
Malicious code in bioql PyPI...
EUVD-2023-39075
Malicious code in bioql PyPI...