VYPR

article2pdf

by WordPress

CVEs (2)

  • CVE-2019-1010257CriMar 27, 2019
    risk 0.59cvss 9.1epss 0.04

    An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to…

  • CVE-2019-1000031HigMar 27, 2019
    risk 0.49cvss 7.5epss 0.04

    A disk space or quota exhaustion issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in.