PDF & Print <= 2.0.2 - Unauthenticated Cross-Site-Scripting (XSS)

Affects Plugin

fixed in version 2.0.3

References

PACKETSTORM 149603
URL https://bestwebsoft.com/products/wordpress/plugins/pdf-print/
URL https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-014.txt

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Robin Trost of SySS GmbH
Submitter Ryan Dewhurst
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 6923
Verified No
WPVDB ID 9134

Timeline

Publicly Published 2018-09-30 (10 months ago)
Added 2018-10-02 (10 months ago)
Last Updated 2018-10-02 (10 months ago)