What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in wpexperts.Io WP PDF Generator plugin <= 1.2.2 versions.
CVE-2023-35038
MEDIUM
CVE-2023-35038: WordPress WP PDF Generator Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
July 17, 2023
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-46462 WordPress WPVN plugin <= 0.7.8 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2022-22808
CVE-2024-37448 WordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-0590 Microsoft Clarity <= 0.9.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
CVE-2025-32502 WordPress ePaper Lister for Yumpu plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
