EUVD-2019-1745

Malware in sbrugna...

EUVD-2019-1999

Malware in sbrugna...

Wordpress article2pdf路径遍历漏洞

WordPress is a set of blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. article2pdf plugin is used in which a plugin can convert articles into PDF files. wordpress article2pdf has a path traversa...

WordPress article2pdf plugin <=0.27 - Multiple vulnerabilities

Multiple vulnerabilities found by Christian Lerrahn in WordPress article2pdf plugin versions =0.27. Solution 2019 March 28 - we were unable to find a patched version of this plugin. Last time updated ten years ago, closed by WordPress for security reasons...

CVE-2019-1010257

An Information Disclosure / Data Modification issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...

Design/Logic Flaw

An Information Disclosure / Data Modification issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...

CVE-2019-1000031

A disk space or quota exhaustion issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

CVE-2019-1000031

A disk space or quota exhaustion issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

Code injection

A disk space or quota exhaustion issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

CVE-2019-1010257

The CVE-2019-1010257 entry concerns the WordPress article2pdf plugin (versions 0.24–0.27) and a path traversal/override flaw in article2pdf_getfile.php. A crafted URL can override the target PDF file path, enabling download of any PDF that is readable by the web server, with the file potentially ...

CVE-2019-1010257

An Information Disclosure / Data Modification issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...

CVE-2019-1000031

The CVE-2019-1000031 entry affects the article2pdf WordPress plugin, specifically versions 0.24–0.27. The root cause is in article2pdf_getfile.php: when a user visits the PDF generation link but does not follow the redirect, the generated PDF file is left on disk and not deleted by the plugin, le...

CVE-2019-1000031

A disk space or quota exhaustion issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

WordPress article2pdf 0.24 DoS / File Deletion / Disclosure

Product: article2pdf Wordpress plug-in Product Website: https://wordpress.org/plugins/article2pdf/ Affected Versions: 0.24 and greater The following vulnerabilities were found in a code review of the plug-in. An attempt to contact the plug-in maintainer on 8 December 2018 was unsuccessful. The...

article2pdf - Multiple Vulnerabilities

The article2pdf WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...