PT-2025-39538

Name of the Vulnerable Software and Affected Versions wp-mpdf versions through 3.9.1 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting XSS. This allows for the injection of malicious...

CVE-2024-27962

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1...