WordPress Plugin Vulnerabilities

E2Pdf < 1.20.19 - Authenticated (Administrator+) PHP Object Injection

Description

The E2Pdf plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.20.18 via deserialization of untrusted input within the import_action and ajax_upload functions. This makes it possible for authenticated attackers, with administrative-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

Affects Plugins

Plugin icon
e2pdf
Fixed in 1.20.19

References

CVE
CVE-2023-46154
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/ea7f654b-88d1-4ed8-bab0-701e2e66e060

Classification

Type
OBJECT INJECTION
OWASP top 10
A8: Insecure Deserialization
CWE
CWE-502
CVSS
7.2 (high)

Miscellaneous

Original Researcher
Rein Daelman (trein)
Verified
No
WPVDB ID
5b021d28-22c4-42b8-ac65-5772fb1d780d

Timeline

Publicly Published
2023-10-17 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-01-12 (about 2 years ago)

Other

Published
Title
Published
2021-03-25
Title
Facebook for WordPress < 3.0.0 - PHP Object Injection with POP Chain
Published
2025-04-25
Title
Jupiter X Core < 4.8.12 - Unauthenticated PHP Object Injection via PHAR
Published
2025-04-03
Title
Testimonial Slider < 2.0.14 - Authenticated (Contributor+) PHP Object Injection
Published
2026-03-17
Title
Travel Booking WordPress Theme < 3.2.8.1 - Unauthenticated PHP Object Injection
Published
2025-08-19
Title
White Rabbit <= 1.5.2 - Unauthenticated PHP Object Injection