Log out
Get PRO

Latest

Input validation vulnerability in EmbedPress 4.0.0

  • Severity: medium-risk
  • Status: Open
  • Publication: May 20, 2024

PDF.js has a security issue that allows unauthorized people to run harmful code on versions older than 4.2.67. This happens because the program doesn’t check the type of fonts it uses. This means that someone with certain permissions can trick someone into opening a specific PDF document and run their own code.

Detected in:

ARI Fancy Lightbox – Popup for WordPress fixed vulnerable versions:
ARI Fancy Lightbox – WordPress Popup fixed vulnerable versions: >= * <= 1.3.14
Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer fixed vulnerable versions:
EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor fixed vulnerable versions:
EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor fixed vulnerable versions:
EmbedPress – Embed PDF, PDF 3D FlipBook, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor fixed vulnerable versions:
EmbedPress – Embed PDF, PDF 3D FlipBook, Instagram Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Maps & Upload PDF Documents fixed vulnerable versions:
EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor fixed vulnerable versions: >= * <= 4.0.2
PDF Embedder fixed vulnerable versions: >= * <= 4.7.1
PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer – DearFlip fixed vulnerable versions:
PDF Poster- Best PDF Embedder Plugin for WordPress fixed vulnerable versions:
PDF Poster- PDF Embedder Plugin fixed vulnerable versions:
PDF.js Viewer fixed vulnerable versions: >= * <= 2.1.8.1
Wonder PDF Embed fixed vulnerable versions: >= * <= 2.7
BSK PDF Manager open vulnerable versions: >= * <= 3.6
PDF Viewer for Elementor open vulnerable versions: >= * <= 2.9.3
PDF viewer for Elementor & Gutenberg open vulnerable versions: >= * <= 1.3.2
Tainacan open vulnerable versions: >= * <= 0.21.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

About

Popular articles