PDF & Print <= 2.0.2 - Unauthenticated Cross-Site-Scripting (XSS)

Affects Plugin

fixed in version 2.0.3

References

PACKETSTORM 149603
URL https://bestwebsoft.com/products/wordpress/plugins/pdf-print/
URL https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-014.txt

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Robin Trost of SySS GmbH
Submitter Ryan Dewhurst
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 3539
Verified No
WPVDB ID 9134

Timeline

Publicly Published 2018-09-30 (2 months ago)
Added 2018-10-02 (2 months ago)
Last Updated 2018-10-02 (2 months ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.