3D FlipBook Vulnerable to Cross-site Scripting
CVE-2024-32694
7.1HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 22 April 2024
What is CVE-2024-32694?
A reflected cross-site scripting (XSS) vulnerability exists in the Real 3D FlipBook, PDF Viewer, and PDF Embedder WordPress Plugin, allowing attackers to inject malicious scripts into web pages. This vulnerability can be exploited through improper handling of input during the web page generation process. As a result, users may inadvertently execute compromised scripts when interacting with affected versions of the plugin, leading to unauthorized actions or exposure of sensitive information.
Affected Version(s)
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin <= 3.62