cleantalk
Vulnerabilities and Security Researches

PDF Generator for WordPress – Create & Customize PDF for Posts, Pages and WooCommerce Products, CVE-2022-4321

CVE, Research URL

CVE-2022-4321

Home page URL

Security reports for PDF Generator for WordPress – Create & Customize PDF for Posts, Pages and WooCommerce Products

Application

PDF Generator for WordPress – Create & Customize PDF for Posts, Pages and WooCommerce Products

Published on
Feb 07, 2023
Research Description
The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin
Affected versions
Min -, max 1.1.2.
Status
vulnerable
Previous vulnerability researches
PDF Generator for WordPress – Create & Customize PDF for Posts, Pages and WooCommerce Products (CVE-2025-58978) , Sep 10, 2025
PDF Generator for WordPress – Create & Customize PDF for Posts, Pages and WooCommerce Products (CVE-2022-4321) , Jun 07, 2024
New vulnerability
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025
Duplicate Page and Post (CVE-2025-6189) , Sep 11, 2025