Filtered by vendor Fkrauthan
Subscriptions
Filtered by product Wp-mpdf
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50897 | 3 Fkrauthan, Mpdf1, Mpdf Project | 3 Wp-mpdf, Mpdf, Mpdf | 2026-03-05 | 5.5 Medium |
| mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications. | ||||
| CVE-2025-60040 | 2 Fkrauthan, Wordpress | 2 Wp-mpdf, Wordpress | 2025-09-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fkrauthan wp-mpdf allows Stored XSS. This issue affects wp-mpdf: from n/a through 3.9.1. | ||||
| CVE-2024-27962 | 1 Fkrauthan | 1 Wp-mpdf | 2025-02-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1. | ||||
Page 1 of 1.