๐Ÿ” CVE Alert

CVE-2026-32349

MEDIUM 4.9

WordPress Embed PDF Viewer plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability

CVSS Score
4.9
EPSS Score
0.0%
EPSS Percentile
0th

Server-Side Request Forgery (SSRF) vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through <= 2.4.7.

CWE CWE-918
Vendor andy fragen
Product embed pdf viewer
Published Mar 13, 2026
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for andy fragen embed pdf viewer

Be the first to know when new medium vulnerabilities affecting andy fragen embed pdf viewer are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Andy Fragen / Embed PDF Viewer
0 โ‰ค 2.4.7

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/embed-pdf-viewer/vulnerability/wordpress-embed-pdf-viewer-plugin-2-4-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Credits

Mike Montoya | Patchstack Bug Bounty Program