14 matches found
WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-22350
Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...
CVE-2026-22350 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...
PT-2026-21198
Name of the Vulnerable Software and Affected Versions PDF for Elementor Forms + Drag And Drop Template Builder versions through 6.3.1 Description A missing authorization issue exists in PDF for Elementor Forms + Drag And Drop Template Builder. The issue involves exploiting incorrectly configured...
CVE-2025-60080 WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...
WordPress plugin PDF for Gravity Forms + Drag And Drop Template Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
EUVD-2025-203072
The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...
CVE-2025-24755
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 4.6.0...
CVE-2025-47537
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...
CVE-2025-47537
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...
CVE-2025-47537
CVE-2025-47537 describes an SQL Injection vulnerability in the WordPress plugin set PDF Invoices for WooCommerce + Drag and Drop Template Builder. The issue arises from improper neutralization of special elements in SQL commands, affecting versions up to and including 5.3.8. Connected sources (PT...
CVE-2025-47537 WordPress PDF Invoice Builder for WooCommerce plugin <= 5.3.8 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...
CVE-2025-24755
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 4.6.0...
CVE-2024-12593 PDF for WPForms + Drag and Drop Template Builder <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yeepdf_dotab Shortcode
The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yeepdfdotab shortcode in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...