cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-5110,https://securityvulnerability.io/vulnerability/CVE-2023-5110,Stored Cross-Site Scripting in BSK PDF Manager for WordPress,"The BSK PDF Manager plugin for WordPress contains a vulnerability that allows authenticated attackers, including those with contributor-level permissions and above, to exploit insufficient input sanitization and output escaping. This is specifically related to the 'bsk-pdfm-category-dropdown' shortcode. By injecting arbitrary web scripts into pages, these scripts will execute whenever a user accesses the compromised page, posing significant security risks to website users.",Wordpress,BSK PDF Manager,5.4,MEDIUM,0.0004799999878741801,false,,false,false,false,,false,false,2023-10-25T18:17:00.000Z,0
CVE-2021-24860,https://securityvulnerability.io/vulnerability/CVE-2021-24860,BSK PDF Manager < 3.1.2 - Admin+ SQL Injection,"The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue",Wordpress,Bsk PDF Manager,7.2,HIGH,0.001120000029914081,false,,false,false,false,,false,false,2021-11-29T08:25:41.000Z,0
CVE-2014-4944,https://securityvulnerability.io/vulnerability/CVE-2014-4944,,Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php.,Wordpress,Bsk PDF Manager,,,0.0007900000200606883,false,,false,false,false,,false,false,2014-07-14T14:55:00.000Z,0