Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flowpaper flowpaper vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-5200
The flowpaper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'flipbook' shortcode in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authentica...
Flowpaper Flowpaper
5.4
CVSSv3
CVE-2023-40197
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <= 1.9.9 versions.
Flowpaper Flowpaper
6.1
CVSSv3
CVE-2014-9677
Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper prior to 2.3.1 allows remote malicious users to inject arbitrary web script or HTML via the Swfile parameter.
Flowpaper Flexpaper
6.1
CVSSv3
CVE-2014-9678
FlexPaperViewer.swf in Flexpaper prior to 2.3.1 allows remote malicious users to conduct content-spoofing attacks via the Swfile parameter.
Flowpaper Flexpaper
9.8
CVSSv3
CVE-2018-11686
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
Flowpaper Flexpaper
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2020-18750
Buffer overflow in pdf2json 0.69 allows local users to execute arbitrary code by converting a crafted PDF file.
Flowpaper Pdf2json 0.69
9.8
CVSSv3
CVE-2020-23878
pdf2json v0.71 exists to contain a stack buffer overflow in the component XRef::fetch.
Flowpaper Pdf2json 0.71
7.5
CVSSv3
CVE-2020-23879
pdf2json v0.71 exists to contain a NULL pointer dereference in the component ObjectStream::getObject.
Flowpaper Pdf2json 0.71
5.5
CVSSv3
CVE-2020-19466
An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows malicious users to cause a Denial of Service due to an invalid read of size 1 .
Flowpaper Pdf2json 0.70
5.5
CVSSv3
CVE-2020-19471
An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows malicious users to cause a Denial of Service due to an invalid read of size 4 .
Flowpaper Pdf2json 0.70
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »