The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
.pdf24Plugin-cp { border:1px solid silver; } .pdf24Plugin-cp input[type=βtextβ] { width:200px; border:1px solid silver; margin:0; padding:2px; } .pdf24Plugin-cp input[type=βsubmitβ] { margin:0; padding:2px 10px !important; } .pdf24Plugin-cp form { margin:0; padding:0; } .pdf24Plugin-cp img { height:32px; } .pdf24Plugin-cp span, .pdf24Plugin-cp input, .pdf24Plugin-cp img { vertical-align:middle; } .pdf24Plugin-cp * { font-size:90%; } .pdf24Plugin-sbp { text-align:center; border: 1px solid silver; padding: 5px; } .pdf24Plugin-sbp-link a { font-weight:bold; } .pdf24Plugin-sbp-bl { font-size:smaller; } .pdf24Plugin-tbp { padding: 3px; width:600px; margin:auto; } .pdf24Plugin-tbp * { font-size: 90%; } .pdf24Plugin-lp-link a { }
{content}
{dateTime} {author}
{text}
CPE | Name | Operator | Version |
---|---|---|---|
pdf24-posts-to-pdf | eq | * |