EUVD-2026-32738

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

CVE-2026-8682 3D Viewer <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification via settings REST endpoint

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

EUVD-2026-22885

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729 WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729

CVE-2026-40729 affects the WordPress plugin “bPlugins 3D viewer – Embed 3D Models” 1.8.5) as recommended by PT-2026-33040. No exploitation details are present in the connected documents beyond the general vulnerability description. Monitor for updates and vendor advisories for any confirmed expl...

CVE-2026-40729 WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

WordPress plugin 3D viewer – Embed 3D Models 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-33040

Name of the Vulnerable Software and Affected Versions bPlugins 3D viewer – Embed 3D Models versions prior to 1.8.6 Description Incorrectly configured access control security levels lead to a missing authorization issue, allowing for the exploitation of security levels. Recommendations Update to a...

CVE-2025-59332

3DAlloy is a lightWeight 3D-viewer for MediaWiki. From 1.0 through 1.8, the parser tag and the 3d parser function allow users to provide custom attributes that are then appended to the canvas HTML element that is being output by the extension. The attributes are not sanitized, which means that...

CVE-2023-36760

3D Viewer Remote Code Execution Vulnerability...

CVE-2023-36740

3D Viewer Remote Code Execution Vulnerability...

CVE-2023-36739

3D Viewer Remote Code Execution Vulnerability...

PT-2023-5061 · 3D Viewer · 3D Viewer

Name of the Vulnerable Software and Affected Versions: 3D Viewer affected versions not specified Description: The issue is related to insufficient input validation in the 3D Viewer, which can be exploited to execute arbitrary code using a specially crafted file. Recommendations: At the moment,...

PT-2023-5136 · 3D Viewer · 3D Viewer

Name of the Vulnerable Software and Affected Versions: 3D Viewer affected versions not specified Description: The 3D Viewer is affected by a remote code execution issue due to insufficient input validation. This can allow an attacker to execute arbitrary code. Recommendations: At the moment, ther...

Microsoft 3D Viewer 安全漏洞

Microsoft 3D Viewer is a simplified and fast graphics editing application from Microsoft. A remote code execution vulnerability exists in Microsoft 3D Viewer, which can be exploited by an attacker to execute code on the target host...

PT-2023-5004 · 3D Viewer · 3D Viewer

Name of the Vulnerable Software and Affected Versions: 3D Viewer affected versions not specified Description: The issue is related to insufficient input validation in the 3D Viewer, which can be exploited by an attacker to execute arbitrary code using a specially crafted malicious file...

CVE-2022-41193

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script .eps, ai.x3d file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

SAP 3D Visual Enterprise Viewer 缓冲区错误漏洞

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable program and ActiveX space. A denial of service vulnerability...

PT-2022-25719 · Sap · Sap 3D Visual Enterprise Viewer

Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Viewer version 9 Description: The issue arises due to improper memory management when a user opens a manipulated VRML Worlds .wrl, vrml.x3d file from untrusted sources. This can cause the application to crash, becomin...