118 matches found
CVE-2024-31931
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Save as Image plugin by Pdfcrowd allows Stored XSS.This issue affects Save as Image plugin by Pdfcrowd: from n/a through 3.2.1...
CVE-2024-10891
The Save as PDF Plugin by Pdfcrowd plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saveaspdfpdfcrowd' shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-33684
Missing Authorization vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.0...
CVE-2024-37549
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.0.0...
CVE-2024-31930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.1...
CVE-2023-52229
Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0...
CVE-2023-40668
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin = 2.16.0 versions...
CVE-2023-5971
The Save as PDF Plugin by Pdfcrowd WordPress plugin before 3.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite se...
CVE-2024-3062
The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-3062
The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-3062 Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS
The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-3062 Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS
The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
WordPress plugin Save as Image Plugin by Pdfcrowd 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-21470 · Pdfcrowd · Save As Image Plugin
Name of the Vulnerable Software and Affected Versions: Save as Image Plugin by Pdfcrowd versions prior to 3.2.2 Description: The issue concerns the Save as Image Plugin by Pdfcrowd WordPress plugin, where certain settings are not properly sanitised and escaped. This could allow high-privilege...
CVE-2025-24671
Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...
CVE-2025-24671
Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...
CVE-2025-24671 WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...
CVE-2025-24671
CVE-2025-24671 : Deserialization of untrusted data in the Save as PDF plugin by Pdfcrowd (versions
CVE-2025-24671 WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...
PT-2025-5491
Name of the Vulnerable Software and Affected Versions Pdfcrowd Save as PDF plugin versions n/a through 4.4.0 Description The issue is related to the deserialization of untrusted data, allowing object injection in the Pdfcrowd Save as PDF plugin. This enables potential attackers to inject objects,...