Vulnerability Details CVE-2023-5229
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2023-5229
-
-
cpe:2.3:a:e2pdf:e2pdf:1.00.00
-
cpe:2.3:a:e2pdf:e2pdf:1.00.13
-
cpe:2.3:a:e2pdf:e2pdf:1.01.01
-
cpe:2.3:a:e2pdf:e2pdf:1.02.02
-
cpe:2.3:a:e2pdf:e2pdf:1.03.07
-
cpe:2.3:a:e2pdf:e2pdf:1.04.07
-
cpe:2.3:a:e2pdf:e2pdf:1.05.03
-
cpe:2.3:a:e2pdf:e2pdf:1.06.02
-
cpe:2.3:a:e2pdf:e2pdf:1.07.11
-
cpe:2.3:a:e2pdf:e2pdf:1.08.09
-
cpe:2.3:a:e2pdf:e2pdf:1.09.10
-
cpe:2.3:a:e2pdf:e2pdf:1.10.11
-
cpe:2.3:a:e2pdf:e2pdf:1.11.08
-
cpe:2.3:a:e2pdf:e2pdf:1.13.40
-
cpe:2.3:a:e2pdf:e2pdf:1.15.14
-
cpe:2.3:a:e2pdf:e2pdf:1.15.54
-
cpe:2.3:a:e2pdf:e2pdf:1.16.00
-
cpe:2.3:a:e2pdf:e2pdf:1.16.01
-
cpe:2.3:a:e2pdf:e2pdf:1.16.02
-
cpe:2.3:a:e2pdf:e2pdf:1.16.09
-
cpe:2.3:a:e2pdf:e2pdf:1.16.16
-
cpe:2.3:a:e2pdf:e2pdf:1.16.28
-
cpe:2.3:a:e2pdf:e2pdf:1.16.43
-
cpe:2.3:a:e2pdf:e2pdf:1.16.44
-
cpe:2.3:a:e2pdf:e2pdf:1.16.45
-
cpe:2.3:a:e2pdf:e2pdf:1.16.46
-
cpe:2.3:a:e2pdf:e2pdf:1.16.47
-
cpe:2.3:a:e2pdf:e2pdf:1.16.48
-
cpe:2.3:a:e2pdf:e2pdf:1.16.49
-
cpe:2.3:a:e2pdf:e2pdf:1.16.50
-
cpe:2.3:a:e2pdf:e2pdf:1.16.52
-
cpe:2.3:a:e2pdf:e2pdf:1.16.53
-
cpe:2.3:a:e2pdf:e2pdf:1.16.55
-
cpe:2.3:a:e2pdf:e2pdf:1.16.56
-
cpe:2.3:a:e2pdf:e2pdf:1.16.57
-
cpe:2.3:a:e2pdf:e2pdf:1.16.58
-
cpe:2.3:a:e2pdf:e2pdf:1.17.43
-
cpe:2.3:a:e2pdf:e2pdf:1.20.00
-
cpe:2.3:a:e2pdf:e2pdf:1.20.05
-
cpe:2.3:a:e2pdf:e2pdf:1.20.06
-
cpe:2.3:a:e2pdf:e2pdf:1.20.09
-
cpe:2.3:a:e2pdf:e2pdf:1.20.10
-
cpe:2.3:a:e2pdf:e2pdf:1.20.11
-
cpe:2.3:a:e2pdf:e2pdf:1.20.14
-
cpe:2.3:a:e2pdf:e2pdf:1.20.15
-
cpe:2.3:a:e2pdf:e2pdf:1.20.16
-
cpe:2.3:a:e2pdf:e2pdf:1.20.17
-
cpe:2.3:a:e2pdf:e2pdf:1.20.18
-
cpe:2.3:a:e2pdf:e2pdf:1.20.19