Lucene search

16 matches found

NVD
added 2025/01/09 11:15 a.m. · 11 views

CVE-2024-12621

The Yumpu E-Paper publishing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'YUMPU' shortcode in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · EPSS 0.0036
Exploits 0 · References 4
Cvelist
added 2025/01/09 11:10 a.m. · 10 views

CVE-2024-12621 Yumpu E-Paper publishing <= 3.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yumpu E-Paper publishing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'YUMPU' shortcode in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · EPSS 0.0036
Exploits 0 · References 4
CVE
added 2025/01/09 11:10 a.m. · 48 views

CVE-2024-12621

CVE-2024-12621 – Yumpu E-Paper publishing (WordPress) is a Stored XSS vulnerability in the Yumpu shortcode that affects all versions up to and including 3.0.8. Exploitation requires authenticated access at contributor level or higher, allowing injection of scripts that run when users view the pag...

CVSS 6.4 · AI score 5.7 · EPSS 0.0036
Exploits 0 · References 4
Vulnrichment
added 2025/01/09 11:10 a.m. · 4 views

CVE-2024-12621 Yumpu E-Paper publishing <= 3.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yumpu E-Paper publishing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'YUMPU' shortcode in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · AI score 5.8 · EPSS 0.0036
Exploits 0 · References 4
CNNVD
added 2025/01/09 12:0 a.m. · 2 views

WordPress plugin Yumpu E-Paper publishing cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVSS 6.4 · AI score 7.5 · EPSS 0.0036
Exploits 0 · References 3
Positive Technologies
added 2025/01/09 12:0 a.m. · 2 views

PT-2025-1918 · WordPress · Yumpu E-Paper

Name of the Vulnerable Software and Affected Versions: Yumpu E-Paper publishing plugin for WordPress versions up to, and including, 3.0.8
Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'YUMPU' shortcode due to insufficient input sanitization and output escaping ...

CVSS 6.4 · AI score 6.2 · EPSS 0.0036
Exploits 0 · References 7
hackapp
added 2017/02/27 5:18 p.m. · 18 views

DONAUKURIER E-Paper - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application DONAUKURIER E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.7
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:17 a.m. · 12 views

VDI nachrichten E-Paper - ContentProvider mode not defined, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application VDI nachrichten E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.4
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:17 a.m. · 9 views

AZ/AN E-Paper - Customized SSL, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application AZ/AN E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.9
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:17 a.m. · 10 views

RNZ E-Paper - BSD license, Dangerous filesystem permissions, GPL license vulnerabilities

HackApp vulnerability scanner discovered that application RNZ E-Paper published at the 'play' market has multiple vulnerabilities...

Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:17 a.m. · 12 views

E-Paper der Rhein-Zeitung - Dangerous filesystem permissions, MIT license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application E-Paper der Rhein-Zeitung published at the 'play' market has multiple vulnerabilities...

AI score 0.6
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:17 a.m. · 17 views

WESER-KURIER E-Paper - ContentProvider mode not defined, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application WESER-KURIER E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.4
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:16 a.m. · 8 views

HAZ E-Paper - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application HAZ E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.5
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:16 a.m. · 7 views

LVZ E-Paper - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application LVZ E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.5
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:16 a.m. · 10 views

Schwäbische Zeitung E-Paper - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Schwäbische Zeitung E-Paper published at the 'play' market has multiple vulnerabilities...

AI score 0.4
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:16 a.m. · 14 views

DIE ZEIT E-Paper App - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application DIE ZEIT E-Paper App published at the 'play' market has multiple vulnerabilities...

AI score 0.7
Exploits 0 · References 1 · Affected Software 1