Lucene search
K

14 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5CVSS5.8AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-22350

Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...

6.5CVSS5.5AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.31 views

CVE-2026-22350 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...

6.5CVSS0.00248EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.14 views

PT-2026-21198

Name of the Vulnerable Software and Affected Versions PDF for Elementor Forms + Drag And Drop Template Builder versions through 6.3.1 Description A missing authorization issue exists in PDF for Elementor Forms + Drag And Drop Template Builder. The issue involves exploiting incorrectly configured...

5.3AI score0.00248EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.38 views

CVE-2025-60080 WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...

7.5CVSS0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin PDF for Gravity Forms + Drag And Drop Template Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

7.5CVSS6.7AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 9:20 a.m.6 views

EUVD-2025-203072

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

5.3CVSS5AI score0.00204EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.8 views

CVE-2025-24755

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 4.6.0...

6.5CVSS7.2AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:24 p.m.6 views

CVE-2025-47537

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...

7.6CVSS7.3AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.8 views

CVE-2025-47537

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...

7.6CVSS0.00355EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.47 views

CVE-2025-47537

CVE-2025-47537 describes an SQL Injection vulnerability in the WordPress plugin set PDF Invoices for WooCommerce + Drag and Drop Template Builder. The issue arises from improper neutralization of special elements in SQL commands, affecting versions up to and including 5.3.8. Connected sources (PT...

7.6CVSS7.3AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.19 views

CVE-2025-47537 WordPress PDF Invoice Builder for WooCommerce plugin <= 5.3.8 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...

7.6CVSS0.00355EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 6:15 p.m.25 views

CVE-2025-24755

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 4.6.0...

6.5CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 11:24 a.m.14 views

CVE-2024-12593 PDF for WPForms + Drag and Drop Template Builder <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yeepdf_dotab Shortcode

The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yeepdfdotab shortcode in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS0.00389EPSS
Exploits0References3
Rows per page
Query Builder