The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/6ac1259c-86d9-428b-ba98-7f3d07910644 | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/6ac1259c-86d9-428b-ba98-7f3d07910644 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 07:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-06 20:15
Updated : 2024-11-21 07:35
NVD link : CVE-2022-4321
Mitre link : CVE-2022-4321
CVE.ORG link : CVE-2022-4321
JSON object : View
Products Affected
wpswings
- pdf_generator_for_wordpress
CWE
No CWE.