Search criteria
3 vulnerabilities by print_my_blog_project
CVE-2024-37271 (GCVE-0-2024-37271)
Vulnerability from cvelistv5 – Published: 2024-07-22 08:44 – Updated: 2026-04-28 16:09
VLAI?
Title
WordPress Print My Blog plugin <= 3.27.0 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through <= 3.27.0.
Severity ?
5.9 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Michael Nelson | Print My Blog |
Affected:
0 , ≤ 3.27.0
(custom)
|
Date Public ?
2026-04-01 16:26
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T13:26:53.731820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T13:27:06.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/print-my-blog/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "print-my-blog",
"product": "Print My Blog",
"vendor": "Michael Nelson",
"versions": [
{
"changes": [
{
"at": "3.27.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.27.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CatFather | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:26:24.579Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.\u003cp\u003eThis issue affects Print My Blog: from n/a through \u003c= 3.27.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through \u003c= 3.27.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:58.654Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/print-my-blog/vulnerability/wordpress-print-my-blog-plugin-3-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Print My Blog plugin \u003c= 3.27.0 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37271",
"datePublished": "2024-07-22T08:44:48.776Z",
"dateReserved": "2024-06-04T16:47:15.487Z",
"dateUpdated": "2026-04-28T16:09:58.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-24636 (GCVE-0-2021-24636)
Vulnerability from cvelistv5 – Published: 2021-09-20 10:06 – Updated: 2024-08-03 19:35
VLAI?
Title
Print My Blog < 3.4.2 - Plugin Deactivation via CSRF
Summary
The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link
Severity ?
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Print My Blog – Print, PDF, & eBook Converter WordPress Plugin |
Affected:
3.4.2 , < 3.4.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:35:20.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.4.2",
"status": "affected",
"version": "3.4.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-20T10:06:40.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24636",
"STATE": "PUBLIC",
"TITLE": "Print My Blog \u003c 3.4.2 - Plugin Deactivation via CSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/db8ace7b-7a44-4620-9fe8-ddf0ad520f5e"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24636",
"datePublished": "2021-09-20T10:06:40.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:35:20.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11565 (GCVE-0-2019-11565)
Vulnerability from cvelistv5 – Published: 2019-04-27 13:15 – Updated: 2024-08-04 22:55
VLAI?
Summary
Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-27T15:06:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf",
"refsource": "MISC",
"url": "http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf"
},
{
"name": "https://wordpress.org/plugins/print-my-blog/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/print-my-blog/#developers"
},
{
"name": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21",
"refsource": "MISC",
"url": "https://github.com/mnelson4/printmyblog/commit/8584a2839a541eb29fca64252e388c827af3ec21"
},
{
"name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fprint-my-blog%2Ftrunk\u0026old=2075667\u0026new_path=%2Fprint-my-blog%2Ftrunk\u0026new=2075667"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9263",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11565",
"datePublished": "2019-04-27T13:15:49.000Z",
"dateReserved": "2019-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:55:41.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}