Lucene search
+L

118 matches found

redhatcve
redhatcve
added 2025/05/23 10:12 a.m.10 views

CVE-2024-31931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Save as Image plugin by Pdfcrowd allows Stored XSS.This issue affects Save as Image plugin by Pdfcrowd: from n/a through 3.2.1...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:20 a.m.10 views

CVE-2024-10891

The Save as PDF Plugin by Pdfcrowd plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saveaspdfpdfcrowd' shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.0027EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:56 a.m.14 views

CVE-2024-33684

Missing Authorization vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.0...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:42 a.m.13 views

CVE-2024-37549

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.0.0...

5.9CVSS6.8AI score0.00313EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 7:39 a.m.8 views

CVE-2024-31930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.1...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:8 a.m.6 views

CVE-2023-52229

Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0...

6.5CVSS8.6AI score0.00498EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 4:44 a.m.10 views

CVE-2023-40668

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin = 2.16.0 versions...

5.9CVSS5.6AI score0.00335EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 4:33 a.m.9 views

CVE-2023-5971

The Save as PDF Plugin by Pdfcrowd WordPress plugin before 3.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite se...

4.8CVSS5.6AI score0.0045EPSS
Exploits2
nvd
nvd
added 2025/05/15 8:15 p.m.7 views

CVE-2024-3062

The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS0.00266EPSS
Exploits2References1
osv
osv
added 2025/05/15 8:15 p.m.4 views

CVE-2024-3062

The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.8AI score0.00266EPSS
Exploits2References1
cvelist
cvelist
added 2025/05/15 8:9 p.m.21 views

CVE-2024-3062 Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS

The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

0.00266EPSS
Exploits2References1
vulnrichment
vulnrichment
added 2025/05/15 8:9 p.m.13 views

CVE-2024-3062 Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS

The Save as Image Plugin by Pdfcrowd WordPress plugin before 3.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.7AI score0.00266EPSS
Exploits2References1
cnnvd
cnnvd
added 2025/05/15 12:0 a.m.18 views

WordPress plugin Save as Image Plugin by Pdfcrowd 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS5.8AI score0.00266EPSS
Exploits2References1
ptsecurity
ptsecurity
added 2025/05/15 12:0 a.m.8 views

PT-2025-21470 · Pdfcrowd · Save As Image Plugin

Name of the Vulnerable Software and Affected Versions: Save as Image Plugin by Pdfcrowd versions prior to 3.2.2 Description: The issue concerns the Save as Image Plugin by Pdfcrowd WordPress plugin, where certain settings are not properly sanitised and escaped. This could allow high-privilege...

4.8CVSS5.7AI score0.00266EPSS
Exploits2References4
redhatcve
redhatcve
added 2025/02/06 2:33 a.m.7 views

CVE-2025-24671

Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...

9.8CVSS7.2AI score0.00507EPSS
Exploits0References1
nvd
nvd
added 2025/01/27 3:15 p.m.8 views

CVE-2025-24671

Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...

9.8CVSS0.00507EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/27 2:22 p.m.2 views

CVE-2025-24671 WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...

9.8CVSS7.2AI score0.00507EPSS
Exploits0References1
cve
cve
added 2025/01/27 2:22 p.m.47 views

CVE-2025-24671

CVE-2025-24671 : Deserialization of untrusted data in the Save as PDF plugin by Pdfcrowd (versions

9.8CVSS7.2AI score0.00507EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/27 2:22 p.m.18 views

CVE-2025-24671 WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through = 4.4.0...

9.8CVSS0.00507EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/01/27 12:0 a.m.7 views

PT-2025-5491

Name of the Vulnerable Software and Affected Versions Pdfcrowd Save as PDF plugin versions n/a through 4.4.0 Description The issue is related to the deserialization of untrusted data, allowing object injection in the Pdfcrowd Save as PDF plugin. This enables potential attackers to inject objects,...

9.8CVSS9.1AI score0.00507EPSS
Exploits0References8
Rows per page
Query Builder