13 matches found

Positive Technologies
added 2025/12/10 12:0 a.m. · 3 views

PT-2025-50297

Name of the Vulnerable Software and Affected Versions: PipesHub versions prior to 0.1.0-beta Description: PipesHub is a workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta have a missing authentication check on the POST /api/v1/record/buffer/convert...

CVSS 9.8 · AI score 7.5 · EPSS 0.00383
Exploits: 1 · References: 8

EUVD
added 2025/11/08 12:30 p.m. · 3 views

EUVD-2025-38371

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

CVSS 4.3 · AI score 4.7 · EPSS 0.00038
Exploits: 0 · References: 3

NVD
added 2025/11/08 10:15 a.m. · 1 views

CVE-2025-11448

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

CVSS 4.3 · EPSS 0.00038
Exploits: 0 · References: 2

Vulnrichment
added 2025/11/08 9:28 a.m. · 3 views

CVE-2025-11448 Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

CVSS 4.3 · AI score 4.6 · EPSS 0.00038
Exploits: 0 · References: 2

Cvelist
added 2025/11/08 9:28 a.m. · 5 views

CVE-2025-11448 Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

CVSS 4.3 · EPSS 0.00038
Exploits: 0 · References: 2

NVD
added 2025/08/11 11:15 p.m. · 3 views

CVE-2025-55161

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

CVSS 9.8 · EPSS 0.06472
Exploits: 1 · References: 2

CVE
added 2025/08/11 10:28 p.m. · 37 views

CVE-2025-55161

Stirling-PDF prior to v1.1.0 exposes a Server-Side Request Forgery (SSRF) flaw in /api/v1/convert/markdown/pdf. The Markdown-to-PDF conversion uses a sanitizer that can be bypassed, allowing unauthenticated attackers to force the server to request arbitrary URLs (potentially internal). The issue ...

CVSS 9.8 · AI score 7.2 · EPSS 0.06472
In wild · Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2025/08/11 10:28 p.m. · 6 views

CVE-2025-55161 Stirling-PDF SSRF vulnerability on /api/v1/convert/markdown/pdf

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

CVSS 8.6 · EPSS 0.06472
Exploits: 1 · References: 2

CVE
added 2025/08/11 9:56 p.m. · 13 views

CVE-2025-55151

Stirling-PDF prior to version 1.1.0 is affected by a Server-Side Request Forgery (SSRF) in the /api/v1/convert/file/pdf path, where LibreOffice’s unoconvert tool is used during file-to-PDF conversion. The vulnerability arises in the conversion process and has been patched in version 1.1.0. Affect...

CVSS 9.8 · AI score 7.2 · EPSS 0.00095
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2025/08/11 12:0 a.m. · 2 views

PT-2025-32591 · Unknown +1 · Stirling-Pdf +1

Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 1.1.0 Description: Stirling-PDF is a locally hosted web application used for PDF file operations. The “convert file to pdf” functionality, accessible via the /api/v1/convert/file/pdf API endpoint, is susceptible...

CVSS 9.8 · AI score 6.3 · EPSS 0.00095
Exploits: 0 · References: 9

Snyk
added 2025/01/15 10:4 p.m. · 4 views

Failure to Sanitize Paired Delimiters

Overview: Affected versions of this package are vulnerable to Failure to Sanitize Paired Delimiters via the Authorization header, by sending a crafted request to the /convert endpoint. Note: This is only exploitable if the Homarus microservice is directly accessible from the Internet. Remediation...

CVSS 9.8 · AI score 6.9 · EPSS 0.0438
Exploits: 0 · References: 3

Positive Technologies
added 2025/01/15 12:0 a.m. · 2 views

PT-2025-7069

Name of the Vulnerable Software and Affected Versions: Crayfish versions prior to 4.1.0 Description: Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The exploit requires making a request against the Homarus's "/convert" endpoint. To redu...

CVSS 9.8 · AI score 5.9 · EPSS 0.0438
Exploits: 0 · References: 13

Snyk
added 2021/01/19 2:35 p.m. · 2 views

Server-side Request Forgery (SSRF)

Overview: github.com/gotenberg/gotenberg/v7/pkg/modules/chromium is a Docker-powered stateless API for PDF files. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal syst...

CVSS 6.1 · AI score 6.8 · EPSS 0.00307
Exploits: 1 · References: 2