CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Print-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'print-me' shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'tag'. This makes it possible for...

6.4CVSS6AI score0.00273EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:56 a.m.•7 views

CVE-2024-33936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Twinpictures Print-O-Matic allows Stored XSS.This issue affects Print-O-Matic: from n/a through 2.1.10...

6.5CVSS5.2AI score0.00314EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:34 a.m.•8 views

CVE-2022-4753

The Print-O-Matic WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

5.4CVSS5.9AI score0.00471EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 9:4 p.m.•6 views

CVE-2021-24710

The Print-O-Matic WordPress plugin before 2.0.3 does not escape some of its settings before outputting them in attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00654EPSS

Exploits2References1

NVD•added 2024/05/22 8:15 a.m.•12 views

CVE-2024-3671

6.4CVSS5.9AI score0.00273EPSS

Exploits0References2

Cvelist•added 2024/05/22 7:37 a.m.•19 views

CVE-2024-3671 Print-O-Matic <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS5.9AI score0.00273EPSS

Exploits0References2

Vulnrichment•added 2024/05/22 7:37 a.m.•11 views

CVE-2024-3671 Print-O-Matic <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS5.8AI score0.00273EPSS

Exploits0References2

CVE•added 2024/05/22 7:37 a.m.•54 views

CVE-2024-3671

CVE-2024-3671 refers to the WordPress plugin Print-O-Matic . Affected: all versions LE 2.1.10. Root cause: insufficient input sanitization and output escaping in the plugin’s shortcode handling. Vulnerability type: Stored Cross-Site Scripting (XSS) via the plugin’s shortcode print-me, with user-s...

6.4CVSS5.9AI score0.00273EPSS

Exploits0References2

CNNVD•added 2024/05/22 12:0 a.m.•3 views

WordPress plugin Print-O-Matic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.8AI score0.00273EPSS

Exploits0References3

NVD•added 2024/05/03 7:15 a.m.•13 views

CVE-2024-33936

6.5CVSS6.7AI score0.00314EPSS

Exploits0References1

Cvelist•added 2024/05/03 7:2 a.m.•28 views

CVE-2024-33936 WordPress Print-O-Matic plugin <= 2.1.10 - Auth. Cross Site Scripting (XSS) vulnerability

6.5CVSS7.3AI score0.00314EPSS

Exploits0References1

Vulnrichment•added 2024/05/03 7:2 a.m.•12 views

CVE-2024-33936 WordPress Print-O-Matic plugin <= 2.1.10 - Auth. Cross Site Scripting (XSS) vulnerability

6.5CVSS7AI score0.00314EPSS

Exploits0References1

CVE•added 2024/05/03 7:2 a.m.•65 views

CVE-2024-33936

CVE-2024-33936 is a Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Print-O-Matic for WordPress, affecting Print-O-Matic: from n/a through 2.1.10. The issue arises from improper input neutralization during web page generation. No exploits or vectors are provided in the documents. ...

6.5CVSS5.2AI score0.00314EPSS

Exploits0References1

CNNVD•added 2024/05/03 12:0 a.m.•3 views

WordPress plugin Print-O-Matic 跨站脚本漏洞

6.5CVSS6AI score0.00314EPSS

Exploits0References2

Patchstack•added 2024/04/29 4:38 p.m.•5 views

WordPress Print-O-Matic plugin <= 2.1.10 - Auth. Cross Site Scripting (XSS) vulnerability

Auth. Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Print-O-Matic versions = 2.1.10...

6.5CVSS6.1AI score0.00314EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/29 12:0 a.m.•19 views

WordPress Print-O-Matic Plugin <= 2.1.10 is vulnerable to Cross Site Scripting (XSS)

Software Print-O-Matic Type Plugin Vulnerable versions = 2.1.10 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33936 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5b4761232408 Credits Ngô Thiên An ancorn from VNPT-VCI Require...

6.5CVSS6.6AI score0.00314EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by