Lucene search
+L

184 matches found

Vulnrichment
Vulnrichment
added 2026/01/16 6:43 a.m.7 views

CVE-2025-14793 DK PDF – WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery

The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...

5CVSS5.4AI score0.00242EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/01/15 11:17 p.m.9 views

WordPress DK PDF - WordPress PDF Generator plugin <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery vulnerability

WordPress DK PDF - WordPress PDF Generator plugin = 2.3.0 - Authenticated Author+ Server-Side Request Forgery vulnerability discovered by WordFence in WordPress Plugin DK PDF – WordPress PDF Generator versions = 2.3.0...

5CVSS7.1AI score0.00242EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/12 7:15 a.m.28 views

CVE-2025-14356

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00343EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/12 6:32 a.m.50 views

CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00343EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/12 6:32 a.m.3 views

CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS4.8AI score0.00343EPSS
Exploits0References6
CVE
CVE
added 2025/12/12 6:32 a.m.18 views

CVE-2025-14356

CVE-2025-14356 — The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on uacf7_get_generated_pdf in all versions up to and including 3.5.33. The Wordfence report confirms authenticated users with Subscriber-level a...

4.3CVSS4.8AI score0.00343EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50893

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7 get generated pdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.1AI score0.00343EPSS
Exploits0References7
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202135

Cross-Site Request Forgery CSRF vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through = 1.4...

6.3AI score0.00111EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/10/21 6:2 p.m.10 views

Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice

Impact This vulnerability allows malicious actors to force the application server to send HTTP requests to both external and internal servers. In certain cases, this may lead to access to internal resources such as databases, file systems, or other services that are not supposed to be directly...

7AI score
Exploits0References3Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-3039

Malware in sbrugna...

5CVSS6.4AI score0.01009EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-3038

Malware in sbrugna...

7.5CVSS6.4AI score0.01126EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-3040

Malware in sbrugna...

5CVSS6.4AI score0.01157EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-1099

Malware in sbrugna...

8.2CVSS8.2AI score0.02044EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-45884

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-14958

Malicious code in bioql PyPI...

4.3CVSS9.2AI score0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21039

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00289EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-59149

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00393EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-9196

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00252EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-41363

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00626EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-39075

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00248EPSS
Exploits0References1
Rows per page
Query Builder