| CVE/PSC | Application | Date | Affected versions | Description |
|---|---|---|---|---|
| Actual on: Jun 05, 2025, 21:06:58 | Entries count: 6 | |||
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Jun 07, 2024, 08:06:32 |
Min -
Max 1.0
|
The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload. | |
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Jun 07, 2024, 08:06:32 |
Min -
Max 1.1
|
The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter. | |
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Jun 07, 2024, 08:06:32 |
Min -
Max 3.63
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Reflected XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.62. | |
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Jun 07, 2024, 08:06:32 |
Min -
Max 1.0
|
The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion. | |
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Jun 07, 2024, 08:06:32 |
Min -
Max 3.72
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Stored XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.71. | |
|
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
vulnerable
|
Nov 16, 2024, 17:11:55 |
Min -
Max 4.8.5
|
The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'r3dfb_save_thumbnail_callback' function in all versions up to, and including, 4.6. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |