What is the severity of CVE-2023-46154?

CVE-2023-46154 is classified as a high severity vulnerability due to its potential for allowing remote code execution through deserialization of untrusted data.

How do I fix CVE-2023-46154?

To fix CVE-2023-46154, update the E2Pdf – Export To Pdf Tool for WordPress to version 1.20.19 or later, as this version addresses the vulnerability.

What are the potential impacts of CVE-2023-46154?

The potential impacts of CVE-2023-46154 include unauthorized access to sensitive data and the ability to execute arbitrary PHP code on the affected site.

Which versions of E2Pdf are affected by CVE-2023-46154?

All versions of E2Pdf – Export To Pdf Tool for WordPress from the initial release up to and including version 1.20.18 are affected by CVE-2023-46154.

Is there a workaround for CVE-2023-46154 before applying the patch?

As a workaround for CVE-2023-46154, it is recommended to disable the E2Pdf plugin until it can be updated to the fixed version.

Vulnerability/
CVE-2023-46154

high

7.2

CWE

502

18/12/2023

2/8/2024

CVE-2023-46154: WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection

First published: Mon Dec 18 2023(Updated: )

Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18.

Credit: audit@patchstack.com

Affected Software	Affected Version	How to fix
E2pdf	<=1.20.18

Remedy

Update to 1.20.19 or a higher version.

Never miss a vulnerability like this again

Reference Links

https://patchstack.com/database/vulnerability/e2pdf/wordpress-e2pdf-plugin-1-20-18-php-object-injection-vulnerability?_s_id=cve

Frequently Asked Questions

What is the severity of CVE-2023-46154?
CVE-2023-46154 is classified as a high severity vulnerability due to its potential for allowing remote code execution through deserialization of untrusted data.
How do I fix CVE-2023-46154?
To fix CVE-2023-46154, update the E2Pdf – Export To Pdf Tool for WordPress to version 1.20.19 or later, as this version addresses the vulnerability.
What are the potential impacts of CVE-2023-46154?
The potential impacts of CVE-2023-46154 include unauthorized access to sensitive data and the ability to execute arbitrary PHP code on the affected site.
Which versions of E2Pdf are affected by CVE-2023-46154?
All versions of E2Pdf – Export To Pdf Tool for WordPress from the initial release up to and including version 1.20.18 are affected by CVE-2023-46154.
Is there a workaround for CVE-2023-46154 before applying the patch?
As a workaround for CVE-2023-46154, it is recommended to disable the E2Pdf plugin until it can be updated to the fixed version.

agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/title
agent/author
agent/remedy
agent/last-modified-date
agent/weakness
agent/description
agent/source
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
vendor/e2pdf
canonical/e2pdf
version/e2pdf/1.20.18

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.