AskarLabs AskarLabs
Home

CMS Security

vs vScan Continuous CMS vulnerability scanning wa WP-Audit Wordpress Security Audit Tool

Identity & Access

pl PasswordLab Self-hosted password manager for business
Docs

Browse

all All CVEs Full database, no filters wp WooCommerce CVEs Plugins wp Elementor CVEs Plugins

By Platform

wp WordPress CVEs Plugins, themes & core jm Joomla CVEs Extensions & core dr Drupal CVEs Modules & core
Talk to us
Home / CVE Database / CVE-2024-56527
CVE-2024-56527

CVE-2024-56527

Vendor Tecnick
Product tcpdf
Weakness CWE-79 · XSS
Published December 27, 2024
Last update November 3, 2025
View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.

Key dates

02Disclosure timeline

December 27, 2024 CVE published
November 3, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-56527 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2025-46930 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2025-46250 WordPress VForm plugin <= 3.1.14 - Cross Site Scripting (XSS) Vulnerability CVE-2025-13738 Easy Table of Contents <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-5945 WP SVG Images <= 4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG CVE-2025-26561 WordPress Elfsight Yottie Lite Plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability

Identifiers

CVE CVE-2024-56527
CWE CWE-79

Affected versions

Vendor Tecnick
Product tcpdf
Affected < 6.8.0
ASKARLABS
AskarLabs

We build essential tools for the teams keeping things running - quiet, honest software for the sites you ship and the secrets your team types every day.

CMS Security

  • vScan
  • WP-Audit

Identity & Access

  • PasswordLab
  • Features
  • Pricing
  • Free license

Resources

  • Docs
  • CVE Database
  • WordPress CVEs
  • Joomla CVEs
  • Drupal CVEs

Company

  • Contact
  • Security

Legal

  • Privacy
  • Terms
  • Cookies
  • GDPR
© 2026 AskarLabs. All trademarks are the property of their respective owners.
AskarLabs
CMS Security
vScan WP Audit
Identity & Access
PasswordLab Docs
CVE Database
All CVEs WordPress CVEs Joomla CVEs Drupal CVEs Talk to us