Ndkadvancedcustomizationfields Security Vulnerabilities and Issues — Ndkadvancedcustomizationfields CVE List

Lucene search

Ndk-designNdkadvancedcustomizationfields

3 matches found

CVE•added 2022/11/22 1:15 a.m.•53 views

CVE-2022-40842

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php.

9.1CVSS9.2AI score0.00348EPSS

CVE•added 2022/11/01 5:15 p.m.•41 views

CVE-2022-40839

A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.

7.5CVSS7.8AI score0.01026EPSS

CVE•added 2022/11/02 1:15 p.m.•40 views

CVE-2022-40840

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via createPdf.php.

6.1CVSS6AI score0.00148EPSS