CVE-2026-39686
- EPSS 0.23%
- Veröffentlicht 08.04.2026 08:30:43
- Zuletzt bearbeitet 29.04.2026 10:17:40
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through <= 3.7.2.
CVE-2025-4970
- EPSS 0.27%
- Veröffentlicht 12.12.2025 07:20:34
- Zuletzt bearbeitet 15.04.2026 00:35:42
The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-38767
- EPSS 0.25%
- Veröffentlicht 20.07.2024 08:15:15
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BannerSky.Com BSK PDF Manager allows Stored XSS.This issue affects BSK PDF Manager: from n/a through 3.6.
CVE-2023-5110
- EPSS 0.45%
- Veröffentlicht 25.10.2023 18:17:42
- Zuletzt bearbeitet 08.04.2026 18:18:22
The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'bsk-pdfm-category-dropdown' shortcode in versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attri...
CVE-2021-24860
- EPSS 1.28%
- Veröffentlicht 29.11.2021 09:15:07
- Zuletzt bearbeitet 21.11.2024 05:53:54
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue
CVE-2014-4944
- EPSS 3.55%
- Veröffentlicht 14.07.2014 14:55:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.p...