VYPR

uDraw WordPress plugin

by WordPress

CVEs (1)

  • CVE-2022-0656HigApr 25, 2022
    risk 0.49cvss 7.5epss 0.08

    The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content…