105 matches found
CVE-2025-14793
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
CVE-2025-14793
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
CVE-2025-14793 DK PDF – WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
CVE-2025-14793
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
CVE-2025-14793 DK PDF – WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
PT-2026-3223
The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary...
WordPress plugin DK PDF code issue vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress DK PDF - WordPress PDF Generator plugin <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery vulnerability
WordPress DK PDF - WordPress PDF Generator plugin = 2.3.0 - Authenticated Author+ Server-Side Request Forgery vulnerability discovered by WordFence in WordPress Plugin DK PDF – WordPress PDF Generator versions = 2.3.0...
EUVD-2025-146932
Malicious code in uinsu-losiat-dk npm...
EUVD-2022-43758
Malicious code in bioql PyPI...
CVE-2024-8727
The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2025-24541
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...
CVE-2025-24541
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...
CVE-2025-24541 WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...
CVE-2025-24541
The CVE-2025-24541 entry concerns the WordPress DK White Label plugin (versions up to 1.0). The vulnerability is a Reflected Cross-Site Scripting (XSS) due to Improper Neutralization of Input During Web Page Generation. The issue affects DK White Label: from n/a through 1.0, and the connected sou...
CVE-2025-24541 WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...
WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin DK White Label versions = 1.0...
CVE-2024-8727
The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-8727
DK PDF for WordPress is vulnerable to Reflected XSS (CVE-2024-8727) due to improper escaping in add_query_arg usage across versions up to 1.9.6. Unauthenticated attackers could inject scripts into pages that run when a user is tricked into taking an action (e.g., clicking a link). Public sources ...
CVE-2024-8727 DK PDF <= 1.9.6 - Reflected Cross-Site Scripting
The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...