Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by print_my_blog_project
CVE-2024-37271 (GCVE-0-2024-37271)
Vulnerability from nvd – Published: 2024-07-22 08:44 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress Print My Blog plugin <= 3.27.0 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through <= 3.27.0.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
| https://patchstack.com/database/vulnerability/pri… | vdb-entryx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Michael Nelson | Print My Blog |
Affected:
0 , ≤ 3.27.0
(custom)
|
Date Public
2026-04-01 16:26
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T13:26:53.731820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T13:27:06.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/print-my-blog/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "print-my-blog",
"product": "Print My Blog",
"vendor": "Michael Nelson",
"versions": [
{
"changes": [
{
"at": "3.27.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.27.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CatFather | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:26:24.579Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.\u003cp\u003eThis issue affects Print My Blog: from n/a through \u003c= 3.27.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through \u003c= 3.27.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:58.654Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/print-my-blog/vulnerability/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Print My Blog plugin \u003c= 3.27.0 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37271",
"datePublished": "2024-07-22T08:44:48.776Z",
"dateReserved": "2024-06-04T16:47:15.487Z",
"dateUpdated": "2026-04-28T16:09:58.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-24636 (GCVE-0-2021-24636)
Vulnerability from nvd – Published: 2021-09-20 10:06 – Updated: 2024-08-03 19:35
VLAI
EPSS
VEX
Title
Print My Blog < 3.4.2 - Plugin Deactivation via CSRF
Summary
The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/db8ace7b-7a44-46… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Print My Blog – Print, PDF, & eBook Converter WordPress Plugin |
Affected:
3.4.2 , < 3.4.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:35:20.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.4.2",
"status": "affected",
"version": "3.4.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-20T10:06:40.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24636",
"STATE": "PUBLIC",
"TITLE": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24636",
"datePublished": "2021-09-20T10:06:40.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:35:20.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11565 (GCVE-0-2019-11565)
Vulnerability from nvd – Published: 2019-04-27 13:15 – Updated: 2024-08-04 22:55
VLAI
EPSS
VEX
Summary
Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf | x_refsource_MISC |
| https://wordpress.org/plugins/print-my-blog/#developers | x_refsource_MISC |
| https://github.com/mnelson4/printmyblog/commit/85… | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset?old_… | x_refsource_MISC |
| https://wpvulndb.com/vulnerabilities/9263 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-27T15:06:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf",
"refsource": "MISC",
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"name": "https://wordpress.org/plugins/print-my-blog/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"name": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21",
"refsource": "MISC",
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9263",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11565",
"datePublished": "2019-04-27T13:15:49.000Z",
"dateReserved": "2019-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:55:41.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37271 (GCVE-0-2024-37271)
Vulnerability from cvelistv5 – Published: 2024-07-22 08:44 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress Print My Blog plugin <= 3.27.0 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through <= 3.27.0.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
| https://patchstack.com/database/vulnerability/pri… | vdb-entryx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Michael Nelson | Print My Blog |
Affected:
0 , ≤ 3.27.0
(custom)
|
Date Public
2026-04-01 16:26
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T13:26:53.731820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T13:27:06.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/print-my-blog/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "print-my-blog",
"product": "Print My Blog",
"vendor": "Michael Nelson",
"versions": [
{
"changes": [
{
"at": "3.27.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.27.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CatFather | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:26:24.579Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.\u003cp\u003eThis issue affects Print My Blog: from n/a through \u003c= 3.27.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through \u003c= 3.27.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:58.654Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/print-my-blog/vulnerability/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Print My Blog plugin \u003c= 3.27.0 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37271",
"datePublished": "2024-07-22T08:44:48.776Z",
"dateReserved": "2024-06-04T16:47:15.487Z",
"dateUpdated": "2026-04-28T16:09:58.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-24636 (GCVE-0-2021-24636)
Vulnerability from cvelistv5 – Published: 2021-09-20 10:06 – Updated: 2024-08-03 19:35
VLAI
EPSS
VEX
Title
Print My Blog < 3.4.2 - Plugin Deactivation via CSRF
Summary
The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/db8ace7b-7a44-46… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Print My Blog – Print, PDF, & eBook Converter WordPress Plugin |
Affected:
3.4.2 , < 3.4.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:35:20.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.4.2",
"status": "affected",
"version": "3.4.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-20T10:06:40.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24636",
"STATE": "PUBLIC",
"TITLE": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24636",
"datePublished": "2021-09-20T10:06:40.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:35:20.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11565 (GCVE-0-2019-11565)
Vulnerability from cvelistv5 – Published: 2019-04-27 13:15 – Updated: 2024-08-04 22:55
VLAI
EPSS
VEX
Summary
Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf | x_refsource_MISC |
| https://wordpress.org/plugins/print-my-blog/#developers | x_refsource_MISC |
| https://github.com/mnelson4/printmyblog/commit/85… | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset?old_… | x_refsource_MISC |
| https://wpvulndb.com/vulnerabilities/9263 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-27T15:06:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf",
"refsource": "MISC",
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"name": "https://wordpress.org/plugins/print-my-blog/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"name": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21",
"refsource": "MISC",
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9263",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11565",
"datePublished": "2019-04-27T13:15:49.000Z",
"dateReserved": "2019-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:55:41.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}