AI Score
Confidence
High
EPSS
Percentile
14.0%
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
patchstack.com/database/vulnerability/pdf-block/wordpress-pdf-block-plugin-1-1-0-cross-site-scripting-xss-vulnerability
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/pdf-block/pdf-block-110-authenticated-contributor-stored-cross-site-scripting