Severity by source
AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
PR:H confirmed by description; AC:L because settings injection is straightforward once authenticated; UI:R because a victim must visit the page for the stored payload to execute.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The Print, PDF, Email by PrintFriendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'content_position_css' parameter in all versions up to, and including, 5.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AnalysisAI
Stored Cross-Site Scripting in the Print, PDF, Email by PrintFriendly WordPress plugin (versions through 5.5.10) allows authenticated administrators to inject persistent JavaScript via the 'content_position_css' parameter, which executes in the browsers of any user who visits an affected page. The scope change (S:C) in the CVSS vector confirms the injected script breaks out of the plugin's security context into victim browsers, enabling session hijacking, credential theft, or malicious redirects against site visitors. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated session with WordPress administrator-level privileges or higher - this is not exploitable by subscribers, contributors, authors, or editors in a standard WordPress role configuration. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The real-world risk of this vulnerability is low for most organizations despite the scope change in the CVSS vector. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has gained administrator access to a WordPress site - either through credential theft, phishing, or brute force - navigates to the PrintFriendly plugin settings and enters a JavaScript payload (e.g., a cookie-stealing script) into the 'content_position_css' field. The payload is stored in the WordPress database and rendered unsanitized into page HTML; any visitor who subsequently loads a page with the PrintFriendly widget executes the script in their browser, potentially exposing session tokens or enabling account takeover of non-administrator users. … |
| Remediation | Update the Print, PDF, Email by PrintFriendly plugin to a version beyond 5.5.10. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text
Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor pat
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43136
GHSA-8x58-jxvx-j57w