CVE-2023-46154

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 19, 2023

Updated: Dec 22, 2023

CWE ID 502

Summary

CVE-2023-46154 refers to a Deserialization of Untrusted Data vulnerability found in the E2Pdf – Export To Pdf Tool for WordPress. Affecting versions from n/a to 1.20.18, this issue puts WordPress websites using this plugin at risk. The vulnerability allows an attacker to execute arbitrary code on the affected system by sending a maliciously crafted PDF document, leading to potential unauthorized access or data manipulation. It is strongly recommended to update the plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

E2pdf

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tCsGDo
https://www.cve.org/CVERecord?id=CVE-2023-46154
https://nvd.nist.gov/vuln/detail/CVE-2023-46154

Back to Vulnerability Database

CVE-2023-46154

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations