VYPR

M4 PDF

by Prestashop

CVEs (1)

  • CVE-2022-45447Sep 20, 2023
    risk 0.00cvss epss 0.01

    M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this…