WordPress Save as PDF Plugin by PDFCrowd plugin <= 4.5.5 - Reflected Cross-Site Scripting via options vulnerability

Reflected Cross-Site Scripting via options vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Save as PDF versions = 4.5.5...

CVE-2026-0862

CVE-2026-0862 concerns the WordPress plugin “Save as PDF Plugin by PDFCrowd.” Wordfence/patch data indicate a Reflected Cross-Site Scripting (XSS) vulnerability via the options parameter in all versions up to 4.5.5, caused by insufficient input sanitization and output escaping. Exploitation by an...

CVE-2026-0862 Save as PDF Plugin by PDFCrowd <= 4.5.5 - Reflected Cross-Site Scripting via options

The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

WordPress plugin “Save as PDF Plugin” by PDFCrowd has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2023-40665

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pdfcrowd Save as Image plugin by Pdfcrowd plugin = 2.16.0 versions...

EUVD-2023-45224

Malicious code in bioql PyPI...

EUVD-2023-45221

Malicious code in bioql PyPI...

EUVD-2024-31396

Malicious code in bioql PyPI...

EUVD-2024-36748

Malicious code in bioql PyPI...

EUVD-2024-29789

Malicious code in bioql PyPI...

EUVD-2025-3865

Malicious code in bioql PyPI...

EUVD-2024-31668

Malicious code in bioql PyPI...

EUVD-2024-29788

Malicious code in bioql PyPI...

EUVD-2023-56902

Malicious code in bioql PyPI...

EUVD-2025-30493

Malicious code in bioql PyPI...

EUVD-2024-35408

Malicious code in bioql PyPI...

CVE-2025-59552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Stored XSS.This issue affects Save as PDF: from n/a through = 4.5.2...

CVE-2025-59552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Stored XSS.This issue affects Save as PDF: from n/a through = 4.5.2...

CVE-2025-59552

CVE-2025-59552 describes an Stored XSS in the WordPress plugin “Save as PDF Plugin by PDFCrowd” (affecting versions from the original to 4.5.2). The issue arises from improper neutralization of input during web page generation, enabling injection of scripts that could be stored and later executed...

PT-2025-39036

Name of the Vulnerable Software and Affected Versions Save as PDF versions through 4.5.2 Description An issue exists in Pdfcrowd Dev Team Save as PDF that allows for Stored Cross-site Scripting XSS. The issue is due to improper neutralization of input during web page generation. This could allow ...