cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-50849,https://securityvulnerability.io/vulnerability/CVE-2023-50849,WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection,"The E2Pdf – Export To Pdf Tool for WordPress is vulnerable to a SQL Injection flaw due to improper neutralization of special elements in SQL commands. This vulnerability allows malicious users to exploit the tool and execute arbitrary SQL queries, potentially leading to unauthorized access to sensitive data contained within the database. It is crucial for users of E2Pdf to update to the latest version to mitigate this security issue.",Wordpress,E2Pdf – Export To Pdf Tool for WordPress,7.6,HIGH,0.0008900000248104334,false,,false,false,false,,false,false,2023-12-28T12:15:00.000Z,0
CVE-2023-46154,https://securityvulnerability.io/vulnerability/CVE-2023-46154,WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection,"Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress. This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18.",Wordpress,E2Pdf – Export To Pdf Tool for WordPress,6.6,MEDIUM,0.0008200000156648457,false,,false,false,false,,false,false,2023-12-19T00:15:00.000Z,0
CVE-2023-6826,https://securityvulnerability.io/vulnerability/CVE-2023-6826,Arbitrary File Upload Vulnerability in E2Pdf Plugin for WordPress,"The E2Pdf plugin for WordPress has a vulnerability that allows authenticated users, who have been granted access by an administrator, to upload arbitrary files. This is due to insufficient validation of file types in the 'import_action' function. Such a security flaw can lead to remote code execution on the affected site's server, posing significant risks to the site's integrity and security. It’s crucial for site administrators to update to the latest version to mitigate these risks.",Wordpress,E2PDF – Export To PDF Tool For WordPress,7.2,HIGH,0.003010000102221966,false,,false,false,false,,false,false,2023-12-15T08:15:00.000Z,0
CVE-2022-0535,https://securityvulnerability.io/vulnerability/CVE-2022-0535,E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS),"The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",Wordpress,E2PDF – Export To PDF Tool For WordPress,4.8,MEDIUM,0.0011899999808520079,false,,false,false,false,,false,false,2022-03-07T08:16:51.000Z,0