Vulnerabilities > E2Pdf

DATE CVE VULNERABILITY TITLE RISK
2023-12-28 CVE-2023-50849 SQL Injection vulnerability in E2Pdf
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23.
network
low complexity
e2pdf CWE-89
7.2
2023-12-19 CVE-2023-46154 Deserialization of Untrusted Data vulnerability in E2Pdf
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18.
network
low complexity
e2pdf CWE-502
7.2
2023-12-15 CVE-2023-6826 Unrestricted Upload of File with Dangerous Type vulnerability in E2Pdf
The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'import_action' function in versions up to, and including, 1.20.25.
network
low complexity
e2pdf CWE-434
7.2
2023-10-31 CVE-2023-5229 Cross-site Scripting vulnerability in E2Pdf
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
low complexity
e2pdf CWE-79
4.8
2022-03-07 CVE-2022-0535 Cross-site Scripting vulnerability in E2Pdf
The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
e2pdf CWE-79
3.5