21 matches found
EUVD-2024-25136
Malicious code in bioql PyPI...
EUVD-2021-34243
Malicious code in bioql PyPI...
EUVD-2025-31309
Malicious code in bioql PyPI...
CVE-2025-60040
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fkrauthan wp-mpdf wp-mpdf allows Stored XSS.This issue affects wp-mpdf: from n/a through = 3.9.1...
WordPress wp-mpdf Plugin <= 3.9.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin wp-mpdf versions = 3.9.1...
CVE-2025-60040
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fkrauthan wp-mpdf wp-mpdf allows Stored XSS.This issue affects wp-mpdf: from n/a through = 3.9.1...
CVE-2025-60040 WordPress wp-mpdf Plugin <= 3.9.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fkrauthan wp-mpdf wp-mpdf allows Stored XSS.This issue affects wp-mpdf: from n/a through = 3.9.1...
WordPress plugin wp-mpdf 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2024-27962
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1...
CVE-2024-27962 WordPress wp-mpdf plugin <= 3.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1...
CVE-2024-27962 WordPress wp-mpdf plugin <= 3.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1...
CVE-2024-27962
CVE-2024-27962 is a Reflected XSS in the WordPress plugin wp-mpdf (author Florian ‘fkrauthan’ Krauthan). The issue arises from improper neutralization of input during web page generation, enabling reflected cross-site scripting. Affected range: wp-mpdf from n/a up to and including 3.7.1. The Conn...
WordPress Plugin wp-mpdf 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin wp-mpdf A cross-si...
PT-2024-22167 · WordPress · Wp-Mpdf
Name of the Vulnerable Software and Affected Versions: wp-mpdf versions 3.7.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This can be exploited by injecting malicious...
wp-mpdf < 3.8 - Reflected Cross-Site Scripting
Description The wp-mpdf plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execu...
WordPress wp-mpdf Plugin <= 3.7.1 is vulnerable to Cross Site Scripting (XSS)
Software wp-mpdf Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27962 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 94c383c2d70a Credits stealthcopter Required privilege...
CVE-2021-4416
The CVE-2021-4416 entry concerns the WordPress wp-mpdf plugin. Affected software: WordPress wp-mpdf plugin for WordPress, versions up to and including 3.5.1. Vulnerability: Cross-Site Request Forgery due to missing or incorrect nonce validation in the mpdf_admin_savepost() function. Impact: unaut...
CVE-2021-4416 wp-mpdf <= 3.5.1 - Cross-Site Request Forgery Bypass
The wp-mpdf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.1. This is due to missing or incorrect nonce validation on the mpdfadminsavepost function. This makes it possible for unauthenticated attackers to save post data via a forged request...
PT-2023-12528 · WordPress · Wp-Mpdf
Name of the Vulnerable Software and Affected Versions: wp-mpdf plugin for WordPress versions up to, and including, 3.5.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the mpdf admin savepost function. This allows unauthenticated...
WordPress Plugin wp-mpdf 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...