Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2022-47168

Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in Printful Printful Integration for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printful Integration for WooCommerce: from n/a through 2.2.3.
0
Attacker Value
Unknown

CVE-2023-25032

Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Print, PDF, Email by PrintFriendly plugin <= 5.5.1 versions.
Attacker Value
Unknown

CVE-2022-0663

Disclosure Date: June 20, 2022 (last updated February 23, 2025)
The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Attacker Value
Unknown

CVE-2021-23354

Disclosure Date: March 12, 2021 (last updated February 22, 2025)
The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0 +\-\]*)(\*|\d+)?(\.)?(\*|\d+)?[hlL]?([\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity.
Attacker Value
Unknown

CVE-2009-4062

Disclosure Date: November 24, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in the Printfriendly module 6.x before 6.x-1.6 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown

CVE-2008-5034

Disclosure Date: November 10, 2008 (last updated November 08, 2023)
master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"'
0