CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

PDF Generator for WordPress < 1.1.2 - Cross Site Scripting

The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin id: CVE-2022-4321 info: name: PDF Generator for WordPress 1.1.2 - Cross Site Scripting author: r3Y3r53,HuTa0 severity: medium...

6.1CVSS6.3AI score0.1207EPSS

Exploits2References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-27392

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00057EPSS

Exploits0References1

Positive Technologies•added 2025/09/09 12:0 a.m.•4 views

PT-2025-36799

Name of the Vulnerable Software and Affected Versions: WP Swings PDF Generator for WordPress versions n/a through 1.5.4 Description: The PDF Generator for WordPress plugin suffers from a missing authorization issue due to incorrectly configured access control security levels. Recommendations:...

5.3CVSS6.2AI score0.00057EPSS

Exploits0References4

Patchstack•added 2024/10/24 10:2 a.m.•2 views

WordPress PDF Generator Addon for Elementor Page Builder plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin PDF Generator Addon for Elementor Page Builder versions = 1.7.4...

6.5CVSS5.9AI score0.00143EPSS

Exploits0Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•9 views

WordPress PDF Generator Addon for Elementor Page Builder Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Software PDF Generator Addon for Elementor Page Builder Type Plugin Vulnerable versions = 1.7.4 Fixed in 1.7.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50449 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f59036ae201 Credits João...

6.5CVSS6.3AI score0.00143EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/01 3:21 a.m.•2 views

WordPress DK PDF plugin <= 1.9.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin DK PDF – WordPress PDF Generator versions = 1.9.6...

6.1CVSS6.3AI score0.01829EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/01/23 12:0 a.m.•10 views

WordPress PDF Generator For Fluent Forms Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software PDF Generator For Fluent Forms Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6953 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f3bea2a974ac Credits drop...

5.4CVSS6AI score0.00328EPSS

Exploits0References3Affected Software1

Patchstack•added 2023/01/16 12:0 a.m.•14 views

WordPress PDF Generator for WordPress – Create & Customize PDF for Post, Pages and WooCommerce Products Plugin < 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software PDF Generator for WordPress – Create & Customize PDF for Post, Pages and WooCommerce Products Type Plugin Vulnerable versions 1.1.2 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4321 Patch priority Low CVSS severity Low 7.1...

6.1CVSS5.8AI score0.1207EPSS

Exploits2References4Affected Software1

WPVulnDB•added 2023/01/16 12:0 a.m.•19 views

PDF Generator for WordPress < 1.1.2 - Reflected XSS

The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin PoC Make a logged in admin open the following URL:...

6.1CVSS5.7AI score0.1207EPSS

Exploits2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by