Vulnerabilities > Flowpaper
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-20 | CVE-2023-5200 | Cross-site Scripting vulnerability in Flowpaper The flowpaper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'flipbook' shortcode in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2023-09-04 | CVE-2023-40197 | Cross-site Scripting vulnerability in Flowpaper Auth. | 5.4 |
2021-11-10 | CVE-2020-23878 | Out-of-bounds Write vulnerability in Flowpaper Pdf2Json 0.71 pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch. | 9.8 |
2021-11-10 | CVE-2020-23879 | NULL Pointer Dereference vulnerability in Flowpaper Pdf2Json 0.71 pdf2json v0.71 was discovered to contain a NULL pointer dereference in the component ObjectStream::getObject. | 7.5 |
2021-07-21 | CVE-2020-19463 | Allocation of Resources Without Limits or Throttling vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow. | 5.5 |
2021-07-21 | CVE-2020-19464 | Allocation of Resources Without Limits or Throttling vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow . | 5.5 |
2021-07-21 | CVE-2020-19465 | Out-of-bounds Read vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function ObjectStream::getObject in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 . | 5.5 |
2021-07-21 | CVE-2020-19466 | Out-of-bounds Read vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 1 . | 5.5 |
2021-07-21 | CVE-2020-19467 | Use After Free vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an Illegal Use After Free . | 5.5 |
2021-07-21 | CVE-2020-19468 | NULL Pointer Dereference vulnerability in Flowpaper Pdf2Json 0.70 An issue has been found in function EmbedStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a null pointer derefenrece (invalid read of size 8) . | 5.5 |