EUVD-2023-32324

Malicious code in bioql PyPI...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, version 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ parameter in the fpropdfexportfile action...

Formidable PRO2PDF Plugin for WordPress < 3.11 SQL Injection

The WordPress Formidable PRO2PDF Plugin installed on the remote host is affected by an authenticated SQL Injection via the fieldmap parameter of the fpropdfexportfile action. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...

WordPress Formidable PRO2PDF Plugin < 3.10 SQLi Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:formidablepro2pdf:formidablepro2pdf"; ifdescription...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, version 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ parameter in the fpropdfexportfile action...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, version 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ parameter in the fpropdfexportfile action...

Formidable PRO2PDF < 3.11 - Subscriber+ SQLi

The plugin does not properly sanitise and escape the fieldmap parameter before using it in a SQL statement via the fpropdfexportfile AJAX action, leading to a SQL injection exploitable by any authenticated users, such as subscriber PoC Run the below command in the developer console of the web...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, version 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ parameter in the fpropdfexportfile action...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, version 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ parameter in the fpropdfexportfile action...

CVE-2023-28663

The Formidable PRO2PDF WordPress Plugin, versions prior to 3.11, contains an authenticated SQL injection in the fieldmap parameter of the fpropdf_export_file action. The root cause is improper handling of the fieldmap input, enabling arbitrary SQL execution when authenticated. This affects the pl...

WordPress Plugin Formidable PRO2PDF SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2023-21885 · WordPress · Formidable Pro2Pdf Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Formidable PRO2PDF WordPress Plugin versions prior to 3.11 Description: The issue is an authenticated SQL injection vulnerability. It affects the fieldmap parameter in the fpropdf export file action. Recommendations: For versions prior to 3.1...