CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4670

The PDF.js Viewer WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.8%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2022-4670

Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.0

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.0
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.3

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.3
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.1

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.1
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.2

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.2
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.3

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.3
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.4

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.4
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.5

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.5
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.4.6

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.4.6
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.1

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.1
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.2

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.2
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.3

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.3
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.4

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.4
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.5

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.5
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.6

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.6
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.7

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.7
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.8

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.8
Pdf.js Viewer Project » Pdf.js Viewer » Version: 1.5.9

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:1.5.9
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.0.0

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.0.0
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.0.1

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.0.1
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.0.2

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.0.2
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.0

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.0
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.1

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.1
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.2

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.2
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.3

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.3
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.4

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.4
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.5

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.5
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.6

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.6
Pdf.js Viewer Project » Pdf.js Viewer » Version: 2.1.7

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:2.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4670

Products

Pricing

Contact Us