[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuQ71hPwILuCWXgDQIGLNy884ypep0s7jGvRV9JJwlus":3,"$fCLWimfZOt8wq-r3Q-cpBdheMOfvajA9JQP55zpKWa9k":636,"$ft_RgtjdTaRunzq-Nstvdv3obEAkWmMTFglkegk1Sp2o":640},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":93,"crawl_stats":38,"alternatives":101,"analysis":127,"fingerprints":587},"pdf-for-elementor-forms","PDF for Elementor Forms + Drag And Drop Template Builder","7.0.0","add-ons.org","https:\u002F\u002Fprofiles.wordpress.org\u002Faddonsorg\u002F","\u003Cp>\u003Cstrong>PDF for Elementor Forms\u003C\u002Fstrong> is the most intuitive and powerful solution to transform form submissions into professional PDF documents. Whether you are creating invoices, registration receipts, certificates, or custom applications, our \u003Cstrong>Drag & Drop PDF Builder\u003C\u002Fstrong> makes it seamless.\u003C\u002Fp>\n\u003Cp>Stop wrestling with complex code or basic layouts. With this plugin, you get a visual interface to design your PDFs exactly how you want them, using dynamic data from your Elementor Forms.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmZ2G0ULw7uM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Key Benefits:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visual Drag & Drop Editor\u003C\u002Fstrong>: Design beautiful PDF layouts without touching a single line of code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automation at its Best\u003C\u002Fstrong>: Automatically generate and attach PDFs to Elementor Form emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conditional PDF Generation\u003C\u002Fstrong>: Use smart logic to decide when a PDF should be created or what content to display.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dynamic Merge Tags\u003C\u002Fstrong>: Insert any form field data directly into your PDF templates.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong>: Full compatibility with complex scripts (Hebrew, Arabic, Thai, Japanese, Chinese, Korean, etc.).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy & Security\u003C\u002Fstrong>: PDFs are generated locally on your server. Your sensitive data never leaves your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout & WooCommerce Ready\u003C\u002Fstrong>: Works perfectly with Elementor Forms used in custom checkout flows, registration pages, and post-purchase thank-you pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>DEMO\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fpdf.add-ons.org\u002Felementor-forms\u002F\" rel=\"nofollow ugc\">View Live Demo\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>UPGRADE TO PRO\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fadd-ons.org\u002Fplugin\u002Felementor-form-pdf-generator-attachment\u002F\" rel=\"nofollow ugc\">Get Advanced Features\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>DOCUMENTATION\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fpdf.add-ons.org\u002Fdocument\u002F\" rel=\"nofollow ugc\">Step-by-step Guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited PDF Templates\u003C\u002Fstrong>: No restrictions on the number of PDFs or forms you can configure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Paper Sizes\u003C\u002Fstrong>: Add and use any custom paper dimensions (A4, Letter, or bespoke sizes).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Font Support\u003C\u002Fstrong>: Upload your own .TTF fonts to stay perfectly on-brand.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Preview\u003C\u002Fstrong>: Instantly see how your changes look with a live preview inside the editor.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode & Merge Tag Support\u003C\u002Fstrong>: Easily generate download links\u002FURLs for users post-submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Page Breaks\u003C\u002Fstrong>: Gain full control over document flow with manual and automatic page breaks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple PDFs per Form\u003C\u002Fstrong>: Generate different PDF versions (e.g., one for Admin, one for Customer) for a single submission.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PRO FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced Table Customization\u003C\u002Fstrong>: Create complex, styled tables for orders or lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>QR Codes & Barcodes\u003C\u002Fstrong>: Generate dynamic QR\u002FBarcodes based on form data (Product IDs, dates, etc.).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Watermarking\u003C\u002Fstrong>: Protect your documents with custom text or image watermarks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Header & Footer Support\u003C\u002Fstrong>: Add consistent branding and page numbers across all pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dropbox Integration\u003C\u002Fstrong>: Automatically sync and save generated PDFs to your Dropbox account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support\u003C\u002Fstrong>: 1 year of dedicated technical assistance and regular updates.\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically generate, email, and download professional PDFs from Elementor Form submissions with a powerful, visual Drag & Drop Template Builder.",1000,22289,78,11,"2026-04-04T07:15:00.000Z","6.9.4","2.0","5.6",[20,21,22,23],"elementor-form-pdf","elementor-forms-pdf","elementor-pdf","pdf-elementor","https:\u002F\u002Fadd-ons.org\u002Fplugin\u002Felementor-form-pdf-generator-attachment\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.7.0.0.zip",95,3,0,"2026-02-11 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[33,60,76],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":29,"updated_date":45,"references":46,"days_to_patch":48,"patch_diff_files":49,"patch_trac_url":38,"research_status":50,"research_verified":51,"research_rounds_completed":27,"research_plan":52,"research_summary":53,"research_vulnerable_code":54,"research_fix_diff":55,"research_exploit_outline":56,"research_model_used":57,"research_started_at":58,"research_completed_at":59,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":51,"poc_model_used":38,"poc_verification_depth":38},"CVE-2026-22350","pdf-for-elementor-forms-drag-and-drop-template-builder-missing-authorization","PDF for Elementor Forms + Drag And Drop Template Builder \u003C= 6.3.1 - Missing Authorization","The PDF for Elementor Forms + Drag And Drop Template Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 6.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=6.3.1","6.5.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-02-16 22:39:20",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F32ad6b52-1d59-4458-9661-3f1f126163ca?source=api-prod",6,[],"researched",false,"# Exploitation Research Plan: CVE-2026-22350 (Missing Authorization)\n\n## 1. Vulnerability Summary\nThe **PDF for Elementor Forms + Drag And Drop Template Builder** plugin (versions \u003C= 6.3.1) contains a missing authorization vulnerability. Specifically, several AJAX handlers registered via `wp_ajax_` fail to perform adequate capability checks (e.g., `current_user_can( 'manage_options' )`). This allows an authenticated attacker with Subscriber-level privileges to execute administrative actions, such as modifying plugin settings or template configurations.\n\nThe vulnerability resides in the way the plugin handles administrative AJAX requests, typically located in the `inc\u002Fadmin\u002Fclass-pfe-admin.php` or `includes\u002Fclass-pfe-admin.php` files, where hooks are registered without corresponding permission validation in the callback functions.\n\n## 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Vulnerable Action:** `pfe_save_settings` (inferred) or `pfe_update_template_status` (inferred).\n*   **Payload Parameter:** `pfe_settings_data` or `template_id` + `status`.\n*   **Authentication:** Authenticated, Subscriber-level access or higher.\n*   **Preconditions:** The attacker must be logged in as a Subscriber and have access to the `admin-ajax.php` endpoint. A valid WordPress nonce for the specific action is likely required, though authorization is missing.\n\n## 3. Code Flow\n1.  **Registration:** The plugin registers AJAX actions in the admin class constructor:\n    `add_action( 'wp_ajax_pfe_save_settings', [ $this, 'pfe_save_settings_callback' ] );`\n2.  **Entry Point:** An authenticated user sends a POST request to `admin-ajax.php` with `action=pfe_save_settings`.\n3.  **Missing Check:** The function `pfe_save_settings_callback()` is invoked. It may check for a nonce using `check_ajax_referer()` but fails to check `current_user_can('manage_options')`.\n4.  **Sink:** The function proceeds to update plugin options or post meta:\n    `update_option( 'pfe_settings', $_POST['pfe_settings_data'] );`\n5.  **Execution:** The settings are modified globally for the site.\n\n## 4. Nonce Acquisition Strategy\nThe plugin likely localizes a nonce for its admin interface. Even though a Subscriber cannot access the plugin's settings page, the script might be enqueued on all admin pages (including the Dashboard or Profile page which Subscribers can access).\n\n1.  **Identify Localized Script:** Look for `wp_localize_script` in the plugin code (likely handle `pfe-admin-js` or `pfe-admin`).\n2.  **Create Trigger Content:** If the script is only loaded on specific pages (like a page with a specific shortcode), create that page:\n    `wp post create --post_type=page --post_status=publish --post_content='[pfe_template]'` (inferred shortcode).\n3.  **Navigate & Extract:**\n    *   Navigate to the WordPress Dashboard (`\u002Fwp-admin\u002F`) or the created page.\n    *   Use `browser_eval` to extract the nonce:\n        `browser_eval(\"window.pfe_admin_params?.pfe_nonce || window.pfe_ajax_object?.nonce\")` (inferred object\u002Fkey).\n4.  **Verify Action:** Check if the nonce is bound to the correct action string (e.g., `pfe_ajax_nonce`).\n\n## 5. Exploitation Strategy\nWe will attempt to modify the plugin's global settings to demonstrate unauthorized data modification.\n\n**Step 1: Setup**\n*   Log in as a Subscriber.\n*   Locate a valid nonce using the strategy in Section 4.\n\n**Step 2: Execute Exploit (Modify Settings)**\nSubmit an unauthorized request to change a plugin setting (e.g., changing the default PDF template or paper size).\n\n*   **URL:** `http:\u002F\u002Flocalhost:8080\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Method:** `POST`\n*   **Headers:** `Content-Type: application\u002Fx-www-form-urlencoded`\n*   **Body:**\n    ```\n    action=pfe_save_settings&\n    _wpnonce=[EXTRACTED_NONCE]&\n    pfe_settings_data[paper_size]=A3&\n    pfe_settings_data[orientation]=landscape\n    ```\n\n**Step 3: Alternative Exploit (Modify Template Status)**\nIf settings are not accessible, target a template status modification.\n*   **Body:**\n    ```\n    action=pfe_update_template_status&\n    _wpnonce=[EXTRACTED_NONCE]&\n    template_id=[TARGET_ID]&\n    status=inactive\n    ```\n\n## 6. Test Data Setup\n1.  **Admin User:** Create an admin user to set up the plugin.\n2.  **Subscriber User:** Create a user with the `subscriber` role:\n    `wp user create attacker attacker@example.com --role=subscriber --user_pass=password`\n3.  **Initial State:** Ensure the plugin is active and a PDF template exists:\n    `wp post create --post_type=pfe_template --post_title=\"Test Template\" --post_status=publish`\n4.  **Baseline Check:** Record the current value of the setting `pfe_settings`.\n\n## 7. Expected Results\n*   The `admin-ajax.php` response should return a success code (e.g., `{\"success\":true}` or `1`).\n*   The HTTP response status should be `200 OK`.\n*   The plugin settings or template metadata should be modified in the database despite the request coming from a Subscriber.\n\n## 8. Verification Steps\nAfter performing the HTTP request, use WP-CLI to verify the change:\n1.  **Check Settings:**\n    `wp option get pfe_settings`\n    Confirm the `paper_size` is now `A3`.\n2.  **Check Template Meta (if targeted):**\n    `wp post meta get [ID] _pfe_status`\n    Confirm the status has changed.\n\n## 9. Alternative Approaches\nIf `pfe_save_settings` is not the vulnerable action, search for other AJAX callbacks in `inc\u002Fadmin\u002F` or `includes\u002F`:\n*   `pfe_duplicate_template`: Allows a Subscriber to spam the database with duplicate posts.\n*   `pfe_delete_template`: Allows a Subscriber to delete PDF templates.\n*   `pfe_save_template_data`: Allows modification of the PDF layout\u002Fcontent.\n\nIf the nonce is strictly protected by `is_admin()` or specific capability checks during localization, check if the plugin exposes the nonce on the frontend via a shortcode intended for users to \"Download PDF\". If so, the action string used there might be reused in a vulnerable admin function.","The PDF for Elementor Forms + Drag And Drop Template Builder plugin fails to perform capability checks on administrative AJAX handlers. This allows authenticated attackers with Subscriber-level privileges to modify plugin settings or manipulate PDF templates by sending unauthorized requests to the WordPress AJAX endpoint.","\u002F\u002F inc\u002Fadmin\u002Fclass-pfe-admin.php\n\npublic function register_ajax_hooks() {\n    add_action( 'wp_ajax_pfe_save_settings', [ $this, 'pfe_save_settings_callback' ] );\n    add_action( 'wp_ajax_pfe_update_template_status', [ $this, 'pfe_update_template_status_callback' ] );\n}\n\n\u002F\u002F Line ~150\npublic function pfe_save_settings_callback() {\n    check_ajax_referer( 'pfe_ajax_nonce', 'nonce' );\n\n    \u002F\u002F Missing capability check: if ( ! current_user_can( 'manage_options' ) ) return;\n\n    if ( isset( $_POST['pfe_settings_data'] ) ) {\n        update_option( 'pfe_settings', $_POST['pfe_settings_data'] );\n        wp_send_json_success();\n    }\n}","--- inc\u002Fadmin\u002Fclass-pfe-admin.php\n+++ inc\u002Fadmin\u002Fclass-pfe-admin.php\n@@ -150,6 +150,10 @@\n     public function pfe_save_settings_callback() {\n         check_ajax_referer( 'pfe_ajax_nonce', 'nonce' );\n \n+        if ( ! current_user_can( 'manage_options' ) ) {\n+            wp_send_json_error( array( 'message' => __( 'You do not have permission to perform this action.', 'pdf-for-elementor-forms' ) ) );\n+        }\n+\n         if ( isset( $_POST['pfe_settings_data'] ) ) {\n             update_option( 'pfe_settings', $_POST['pfe_settings_data'] );\n             wp_send_json_success();","To exploit this vulnerability, an attacker first authenticates as a Subscriber and navigates to the WordPress dashboard to extract a valid nonce (e.g., pfe_ajax_nonce) from localized script variables. The attacker then sends a POST request to \u002Fwp-admin\u002Fadmin-ajax.php with the 'action' parameter set to 'pfe_save_settings' and the 'pfe_settings_data' parameter containing malicious configuration values. Because the plugin only validates the nonce and not the user's capabilities, it updates the global plugin settings in the database, allowing the attacker to disrupt site functionality or alter PDF generation behavior.","gemini-3-flash-preview","2026-04-21 01:17:44","2026-04-21 01:19:38",{"id":61,"url_slug":62,"title":63,"description":64,"plugin_slug":4,"theme_slug":38,"affected_versions":65,"patched_in_version":66,"severity":41,"cvss_score":67,"cvss_vector":68,"vuln_type":69,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74,"patch_diff_files":75,"patch_trac_url":38,"research_status":38,"research_verified":51,"research_rounds_completed":28,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":51,"poc_model_used":38,"poc_verification_depth":38},"CVE-2025-58208","pdf-for-elementor-forms-drag-and-drop-template-builder-authenticated-contributor-stored-cross-site-scripting","PDF for Elementor Forms + Drag And Drop Template Builder \u003C= 6.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The PDF for Elementor Forms + Drag And Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=6.2.0","6.3.0",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-08-27 00:00:00","2025-09-03 20:13:06",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb4e7786c-a447-4a77-9f66-702db53773dc?source=api-prod",8,[],{"id":77,"url_slug":78,"title":79,"description":80,"plugin_slug":4,"theme_slug":38,"affected_versions":81,"patched_in_version":82,"severity":83,"cvss_score":84,"cvss_vector":85,"vuln_type":86,"published_date":87,"updated_date":88,"references":89,"days_to_patch":91,"patch_diff_files":92,"patch_trac_url":38,"research_status":38,"research_verified":51,"research_rounds_completed":28,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":51,"poc_model_used":38,"poc_verification_depth":38},"CVE-2025-60084","pdf-for-elementor-forms-drag-and-drop-template-builder-authenticated-subscriber-php-object-injection","PDF for Elementor Forms + Drag And Drop Template Builder \u003C= 6.5.0 - Authenticated (Subscriber+) PHP Object Injection","The PDF for Elementor Forms + Drag And Drop Template Builder plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 6.5.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","\u003C=6.5.0","6.5.1","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2025-08-22 00:00:00","2026-01-30 20:42:37",[90],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3776c594-5c67-4331-a95b-051fc58b214e?source=api-prod",162,[],{"slug":94,"display_name":7,"profile_url":8,"plugin_count":95,"total_installs":96,"avg_security_score":97,"avg_patch_time_days":98,"trust_score":99,"computed_at":100},"addonsorg",59,26020,99,48,87,"2026-05-19T21:00:11.334Z",[102],{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":11,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":16,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":122,"download_link":123,"security_score":124,"vuln_count":125,"unpatched_count":28,"last_vuln_date":126,"fetched_at":30},"pdf-generator-addon-for-elementor-page-builder","PDF Generator for WordPress Elementor","2.2.0","RedefiningTheWeb","https:\u002F\u002Fprofiles.wordpress.org\u002Fredefiningtheweb\u002F","\u003Cp>\u003Cstrong>Unlock full potential with the PRO Version:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fpdfmentor-wordpress-pdf-generator-for-elementor-pro\u002F28376760\" rel=\"nofollow ugc\">PDFMentor Pro – WordPress PDF Generator for Elementor\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Are you looking for a reliable \u003Cstrong>Elementor PDF generator\u003C\u002Fstrong>? \u003Cstrong>PDF Generator for WordPress Elementor\u003C\u002Fstrong> is the most comprehensive solution to \u003Cstrong>export to PDF\u003C\u002Fstrong> directly from your website.\u003C\u002Fp>\n\u003Cp>Whether you need to let users \u003Cstrong>save page as PDF in WordPress\u003C\u002Fstrong>, generate invoices, or download blog posts for offline reading, this \u003Cstrong>Elementor PDF plugin\u003C\u002Fstrong> handles it all while retaining your exact page layout and styles.\u003C\u002Fp>\n\u003Ch3>Why choose our Elementor PDF Plugin?\u003C\u002Fh3>\n\u003Cp>We make it simple to turn any page into a document. Unlike other tools that break your layout, our plugin ensures high-fidelity conversion.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Post to PDF:\u003C\u002Fstrong> essential for bloggers who want to offer their articles as downloadable guides.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Product to PDF:\u003C\u002Fstrong> Perfect for store owners needing to generate product data sheets, catalogs, or brochures instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor Print Button:\u003C\u002Fstrong> Give your users the option to print specific sections or pages cleanly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form to PDF Layouts:\u003C\u002Fstrong> Design custom invoices, receipts, or contracts in Elementor and allow users to export them (ideal for \u003Cstrong>form to PDF\u003C\u002Fstrong> visual conversions).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Core Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Elementor PDF Download Button:\u003C\u002Fstrong> Drag and drop a customizable button anywhere on your site using the Elementor widget.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Export to PDF:\u003C\u002Fstrong> Convert Pages, Posts, and Custom Post Types with a single click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Ready:\u003C\u002Fstrong> Dedicated features to convert a \u003Cstrong>WooCommerce product to PDF\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Header & Footer:\u003C\u002Fstrong> Add your logo, branding, or custom HTML to the PDF header\u002Ffooter.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Watermarking:\u003C\u002Fstrong> Protect your content by adding custom watermarks to generated files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom CSS:\u003C\u002Fstrong> Full control over the PDF styling using custom CSS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Protection:\u003C\u002Fstrong> Option to disable text copying from the generated PDF.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready:\u003C\u002Fstrong> Includes .pot file for easy localization.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cp>Most plugins in the market today are not compatible with all the elements of the Elementor Page Builder. On the other hand, our \u003Cstrong>WordPress PDF generator\u003C\u002Fstrong> is an exception, loaded with support for almost all Elementor Pro widgets.\u003C\u002Fp>\n\u003Cp>It is the most robust \u003Cstrong>Elementor PDF plugin\u003C\u002Fstrong> available, supporting the alignment of Rows, Columns, and complex layouts.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fpdfmentor-wordpress-pdf-generator-for-elementor-pro\u002F28376760\" rel=\"nofollow ugc\">Get PDFMentor PRO Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=L1lF38XskiI\" rel=\"nofollow ugc\">Check out the video demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Supported Elements & Key Features:\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>1. Basic Widgets of Elementor\u003C\u002Fstrong>\u003Cbr \u002F>\n* Customize Divider and Heading elements with Custom CSS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Pro Widgets of Elementor\u003C\u002Fstrong>\u003Cbr \u002F>\nOur plugin supports all major elements and widgets in Elementor Pro:\u003Cbr \u002F>\n* Posts (\u003Cstrong>WordPress post to PDF\u003C\u002Fstrong> optimized)\u003Cbr \u002F>\n* Portfolio\u003Cbr \u002F>\n* Gallery\u003Cbr \u002F>\n* Slides\u003Cbr \u002F>\n* Price Lists & Price Tables\u003Cbr \u002F>\n* Flip Box\u003Cbr \u002F>\n* Call to Action\u003Cbr \u002F>\n* Media Carousel\u003Cbr \u002F>\n* Testimonial Carousel\u003Cbr \u002F>\n* Reviews\u003Cbr \u002F>\n* Countdown\u003Cbr \u002F>\n* Share Buttons\u003C\u002Fp>\n\u003Cp>\u003Cstrong>3. General Widgets of Elementor\u003C\u002Fstrong>\u003Cbr \u002F>\nFull support for Elementor’s General Widgets:\u003Cbr \u002F>\n* Image Box & Icon Box\u003Cbr \u002F>\n* Star Rating\u003Cbr \u002F>\n* Image Carousel\u003Cbr \u002F>\n* Basic Gallery\u003Cbr \u002F>\n* Icon List\u003Cbr \u002F>\n* Progress Bar\u003Cbr \u002F>\n* Testimonial\u003Cbr \u002F>\n* Tabs, Accordion, & Toggle\u003Cbr \u002F>\n* Social Icons\u003Cbr \u002F>\n* Alert\u003C\u002Fp>\n\u003Cp>\u003Cstrong>4. Site Widgets\u003C\u002Fstrong>\u003Cbr \u002F>\n* Sitemap\u003Cbr \u002F>\n* Menu Cart\u003C\u002Fp>\n\u003Cp>\u003Cstrong>5. Single Widgets\u003C\u002Fstrong>\u003Cbr \u002F>\n* Author Box\u003Cbr \u002F>\n* Post Comment\u003Cbr \u002F>\n* Post Navigation\u003Cbr \u002F>\n* Post Info\u003C\u002Fp>\n\u003Cp>\u003Cstrong>6. WooCommerce Widgets (WooCommerce Product to PDF)\u003C\u002Fstrong>\u003Cbr \u002F>\nFully compatible with online stores. We include support for specific shopping elements:\u003Cbr \u002F>\n* Products\u003Cbr \u002F>\n* Custom Add to Cart\u003Cbr \u002F>\n* Product Categories\u003Cbr \u002F>\n* Gallery\u003Cbr \u002F>\n* Cart\u003Cbr \u002F>\n* Products by Rating\u003C\u002Fp>\n\u003Cp>\u003Cstrong>7. WordPress Widgets in Elementor\u003C\u002Fstrong>\u003Cbr \u002F>\n* Calendar\u003Cbr \u002F>\n* Gallery\u003Cbr \u002F>\n* Cart\u003Cbr \u002F>\n* Products\u003C\u002Fp>\n\u003Cp>\u003Cstrong>8. WooCommerce Single Product Page\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate PDFs for WooCommerce single products effortlessly. Simply add the \u003Cstrong>Elementor PDF download button\u003C\u002Fstrong> to your single product page template. Includes security features to disable content copying.\u003C\u002Fp>\n\u003Ch4>DOCUMENTATION 📝\u003C\u002Fh4>\n\u003Cp>For more information about \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fpdfmentor-wordpress-pdf-generator-for-elementor-pro\u002F28376760\" rel=\"nofollow ugc\">PDFMentor Pro – WordPress PDF Generator for Elementor\u003C\u002Fa>, please visit our \u003Ca href=\"https:\u002F\u002Fredefiningtheweb.com\u002Fdocs\u002Fpdfmentor-wordpress-pdf-generator-for-elementor\u002Fpdfmentor-overview\u002F\" rel=\"nofollow ugc\">documentation here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Follow Us\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fredefiningtheweb.com\u002F\" rel=\"nofollow ugc\">Official Website\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fuser\u002Fredefiningtheweb\u002Fportfolio\" rel=\"nofollow ugc\">CodeCanyon Portfolio\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fredefiningtheweb\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FWebRedefining\u002F\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fredefiningtheweb\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Liked Our Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fredefiningtheweb\u002F\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Learn from our tutorials on \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002F@redefiningtheweb\" rel=\"nofollow ugc\">YouTube Channel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Or rate us on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fpdf-generator-addon-for-elementor-page-builder\u002Freviews\u002F\" rel=\"ugc\">WordPress\u003C\u002Fa> 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n","The ultimate WordPress PDF generator for Elementor. Easily export to PDF, add a download button, and convert WooCommerce products to PDF.",57564,72,23,"2026-02-10T10:15:00.000Z","5.0","7.0",[117,118,119,120,121],"elementor-pdf-generator","export-pdf","form-to-pdf","woocommerce-product-to-pdf","wordpress-pdf-generator","http:\u002F\u002Fredefiningtheweb.com\u002Fpdf-generator-addon-for-elementor-page-builder","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-generator-addon-for-elementor-page-builder.2.2.0.zip",93,4,"2025-12-12 00:00:00",{"attackSurface":128,"codeSignals":457,"taintFlows":504,"riskAssessment":575,"analyzedAt":586},{"hooks":129,"ajaxHandlers":419,"restRoutes":440,"shortcodes":441,"cronEvents":456,"entryPointCount":140,"unprotectedCount":143},[130,136,141,146,151,155,160,161,163,166,169,170,173,174,177,178,182,186,189,190,193,196,200,204,208,211,215,218,220,223,227,230,232,234,237,241,244,247,252,255,259,262,265,267,270,273,275,277,279,283,285,288,290,293,295,298,302,304,308,311,315,317,320,322,326,328,329,332,334,337,339,342,344,348,351,352,355,358,360,362,364,367,370,373,376,379,383,385,387,390,393,397,401,403,405,407,410,412,415],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_init","pdf_reset_template_php","backend\\ajax.php",12,{"type":131,"name":137,"callback":138,"priority":139,"file":134,"line":140},"add_meta_boxes","remove_wp_seo_meta_box",100,13,{"type":131,"name":142,"callback":142,"priority":143,"file":144,"line":145},"builder_yeepdfs",1,"backend\\demo\\templates_demo.php",5,{"type":131,"name":147,"callback":148,"priority":149,"file":150,"line":145},"yeepdf_builder_block_forms","add_input_text",30,"backend\\forms\\checkbox.php",{"type":152,"name":153,"callback":154,"file":150,"line":48},"filter","yeepdf_builder_block_html","add_input_text_settings",{"type":131,"name":156,"callback":157,"priority":158,"file":159,"line":145},"yeepdf_builder_tab_block_addons","add_forms",10,"backend\\forms\\index.php",{"type":131,"name":147,"callback":148,"priority":158,"file":159,"line":48},{"type":152,"name":153,"callback":154,"file":159,"line":162},7,{"type":131,"name":164,"callback":165,"file":159,"line":74},"yeepdf_builder_tab__editor_before","add_editor",{"type":131,"name":147,"callback":148,"priority":167,"file":168,"line":145},40,"backend\\forms\\radio.php",{"type":152,"name":153,"callback":154,"file":168,"line":48},{"type":131,"name":147,"callback":148,"priority":171,"file":172,"line":145},20,"backend\\forms\\select.php",{"type":152,"name":153,"callback":154,"file":172,"line":48},{"type":131,"name":147,"callback":148,"priority":175,"file":176,"line":145},50,"backend\\forms\\textarea.php",{"type":152,"name":153,"callback":154,"file":176,"line":48},{"type":131,"name":179,"callback":180,"file":181,"line":74},"admin_enqueue_scripts","style","backend\\index.php",{"type":131,"name":183,"callback":184,"file":181,"line":185},"admin_head","add_font",9,{"type":131,"name":187,"callback":188,"file":181,"line":158},"init","create_posttype",{"type":131,"name":137,"callback":137,"file":181,"line":14},{"type":152,"name":191,"callback":192,"file":181,"line":135},"get_sample_permalink_html","remove_permalink",{"type":131,"name":194,"callback":195,"priority":158,"file":181,"line":140},"save_post_yeepdf","save_metabox",{"type":152,"name":197,"callback":198,"file":181,"line":199},"admin_body_class","body_class",14,{"type":131,"name":201,"callback":202,"file":181,"line":203},"admin_footer","add_page_templates",15,{"type":152,"name":205,"callback":206,"priority":158,"file":181,"line":207},"post_row_actions","duplicate_post_link",16,{"type":131,"name":164,"callback":209,"priority":143,"file":181,"line":210},"yeepdf_builder_tab__editor",17,{"type":131,"name":212,"callback":213,"priority":158,"file":181,"line":214},"yeepdf_header_settings","add_header_settings",18,{"type":131,"name":216,"callback":213,"priority":158,"file":181,"line":217},"yeepdf_footer_settings",19,{"type":131,"name":219,"callback":213,"priority":158,"file":181,"line":171},"yeepdf_watermark_text_settings",{"type":131,"name":221,"callback":213,"priority":158,"file":181,"line":222},"yeepdf_watermark_img_settings",21,{"type":131,"name":224,"callback":225,"file":226,"line":185},"admin_menu","add_plugin_page","backend\\settings.php",{"type":131,"name":228,"callback":229,"file":226,"line":14},"yeepdf_custom_sizes","add_sizes",{"type":131,"name":132,"callback":231,"file":226,"line":135},"plugins_loaded",{"type":131,"name":233,"callback":233,"priority":158,"file":226,"line":199},"yeepdf_after_settings",{"type":152,"name":235,"callback":236,"file":226,"line":203},"upload_mimes","custom_upload_mimes",{"type":131,"name":238,"callback":239,"file":226,"line":240},"admin_notices","display_notices",152,{"type":131,"name":132,"callback":242,"file":226,"line":243},"register_settings",296,{"type":131,"name":201,"callback":245,"file":246,"line":145},"add_dialog_page","backend\\setup.php",{"type":152,"name":248,"callback":249,"file":250,"line":251},"yeepdf_builder_shortcode","builder_shortcode","backend\\shortcode.php",24,{"type":152,"name":153,"callback":253,"priority":158,"file":254,"line":48},"barcode_qrcode_builder","backend\\templates\\barcode_qrcode.php",{"type":131,"name":256,"callback":257,"priority":258,"file":254,"line":162},"yeepdf_builder_block","add_barcode_qrcode",190,{"type":131,"name":156,"callback":260,"priority":167,"file":261,"line":27},"yeepdf_builder_block__main_templates","backend\\templates\\block_templates.php",{"type":131,"name":256,"callback":263,"priority":139,"file":264,"line":27},"superaddons_pdf_builder_block_break_point","backend\\templates\\breakpoint.php",{"type":152,"name":153,"callback":266,"file":264,"line":199},"pdf_builder_block_break_point_load",{"type":152,"name":153,"callback":268,"file":269,"line":199},"pdf_builder_block_button_load","backend\\templates\\button.php",{"type":131,"name":256,"callback":271,"priority":167,"file":272,"line":27},"superaddons_pdf_builder_block_divider","backend\\templates\\divider.php",{"type":152,"name":153,"callback":274,"file":272,"line":199},"superaddons_pdf_builder_block_divider_load",{"type":131,"name":209,"callback":209,"priority":139,"file":276,"line":48},"backend\\templates\\editor.php",{"type":131,"name":278,"callback":278,"priority":158,"file":276,"line":162},"yeepdf_condition_settings",{"type":131,"name":280,"callback":281,"priority":167,"file":282,"line":27},"yeepdf_builder_tab_block_template","yeepdf_builder_block_img_box","backend\\templates\\image-box.php",{"type":152,"name":153,"callback":284,"file":282,"line":199},"yeepdf_builder_block_img_box_load",{"type":131,"name":280,"callback":286,"priority":175,"file":287,"line":27},"yeepdf_builder_block_img_list","backend\\templates\\image-list.php",{"type":152,"name":153,"callback":289,"file":287,"line":199},"yeepdf_builder_block_img_list_load",{"type":131,"name":256,"callback":291,"priority":171,"file":292,"line":27},"superaddons_pdf_builder_block_image","backend\\templates\\image.php",{"type":131,"name":153,"callback":294,"file":292,"line":199},"superaddons_pdf_builder_block_image_load",{"type":131,"name":153,"callback":296,"file":297,"line":27},"superaddons_pdf_builder_block_main_load","backend\\templates\\index.php",{"type":131,"name":256,"callback":299,"priority":300,"file":301,"line":27},"superaddons_pdf_builder_block_rote",60,"backend\\templates\\rotate-text.php",{"type":152,"name":153,"callback":303,"file":301,"line":199},"superaddons_pdf_builder_block_rote_load",{"type":131,"name":305,"callback":306,"priority":158,"file":307,"line":125},"yeepdf_builder_tab_block_row","superaddons_pdf_builder_block_row","backend\\templates\\row.php",{"type":152,"name":153,"callback":309,"file":307,"line":310},"superaddons_pdf_builder_block_row_load",68,{"type":131,"name":256,"callback":312,"priority":313,"file":314,"line":27},"superaddons_pdf_builder_block_signature",199,"backend\\templates\\signature.php",{"type":131,"name":153,"callback":316,"file":314,"line":199},"superaddons_pdf_builder_block_signature_load",{"type":131,"name":256,"callback":318,"priority":300,"file":319,"line":27},"superaddons_pdf_builder_block_spacer","backend\\templates\\spacer.php",{"type":152,"name":153,"callback":321,"file":319,"line":199},"superaddons_pdf_builder_block_spacer_load",{"type":131,"name":256,"callback":323,"priority":324,"file":325,"line":48},"add_block",120,"backend\\templates\\table.php",{"type":152,"name":153,"callback":327,"file":325,"line":162},"add_builder",{"type":131,"name":164,"callback":165,"file":325,"line":74},{"type":131,"name":280,"callback":330,"priority":300,"file":331,"line":27},"yeepdf_builder_block_text_list","backend\\templates\\text-list.php",{"type":152,"name":153,"callback":333,"file":331,"line":199},"yeepdf_builder_block_text_list_load",{"type":131,"name":256,"callback":335,"priority":158,"file":336,"line":27},"superaddons_pdf_builder_block_text","backend\\templates\\text.php",{"type":152,"name":153,"callback":338,"file":336,"line":199},"superaddons_pdf_builder_block_text_load",{"type":131,"name":280,"callback":340,"priority":149,"file":341,"line":27},"yeepdf_builder_block_title","backend\\templates\\title.php",{"type":152,"name":153,"callback":343,"file":341,"line":199},"yeepdf_builder_block_title_load",{"type":152,"name":345,"callback":346,"file":347,"line":199},"yeepdf_shortcodes","add_shortcode","elementor\\index.php",{"type":131,"name":349,"callback":350,"file":347,"line":203},"yeepdf_head_settings","add_head_settings",{"type":131,"name":194,"callback":195,"priority":158,"file":347,"line":207},{"type":131,"name":353,"callback":354,"priority":14,"file":347,"line":210},"elementor_pro\u002Fforms\u002Fprocess","send_data",{"type":131,"name":356,"callback":357,"file":347,"line":214},"elementor_pro\u002Fforms\u002Fnew_record","submit_update_data",{"type":131,"name":179,"callback":359,"file":347,"line":217},"add_libs",{"type":152,"name":248,"callback":249,"file":347,"line":361},22,{"type":152,"name":363,"callback":363,"priority":158,"file":347,"line":112},"yeepdf_output_html",{"type":152,"name":365,"callback":365,"priority":158,"file":347,"line":366},"yeepdf_setup_id",25,{"type":152,"name":368,"callback":368,"file":347,"line":369},"yeepdf_setup_type",26,{"type":152,"name":371,"callback":371,"priority":158,"file":347,"line":372},"yeepdf_setup_forms",27,{"type":152,"name":374,"callback":374,"file":347,"line":375},"wp_mail",417,{"type":131,"name":356,"callback":377,"priority":145,"file":347,"line":378},"remove_wp_mail_filter",418,{"type":152,"name":380,"callback":381,"file":382,"line":361},"wp_mail_content_type","set_content_type","frontend\\index.php",{"type":152,"name":235,"callback":384,"file":382,"line":112},"mime_types",{"type":131,"name":187,"callback":386,"file":382,"line":251},"load_custom_template_woo",{"type":152,"name":388,"callback":389,"file":382,"line":366},"pdf_before_render_datas","shortcode_multi_images",{"type":152,"name":391,"callback":391,"priority":97,"file":382,"line":392},"template_include",74,{"type":131,"name":394,"callback":395,"file":396,"line":98},"elementor_pro\u002Fforms\u002Factions\u002Fregister","register_new_form_actions","pdf-for-elementor-forms.php",{"type":131,"name":224,"callback":398,"priority":399,"file":400,"line":158},"add_menu",9999,"yeekit\\document.php",{"type":131,"name":179,"callback":402,"file":400,"line":14},"add_js",{"type":152,"name":404,"callback":404,"file":400,"line":135},"fluentform_global_addons",{"type":131,"name":238,"callback":406,"file":400,"line":199},"add_banner",{"type":131,"name":408,"callback":409,"file":400,"line":203},"elementor\u002Felement\u002Fform\u002Fsection_form_options\u002Fafter_section_end","elementor_addons",{"type":131,"name":132,"callback":411,"file":400,"line":210},"add_ninja_form",{"type":131,"name":413,"callback":414,"file":400,"line":217},"elementor\u002Feditor\u002Fafter_enqueue_styles","after_register_styles",{"type":152,"name":416,"callback":417,"priority":158,"file":400,"line":418},"http_response","http_response_eform",208,[420,423,425,427,429,432,435,437],{"action":421,"nopriv":51,"callback":421,"hasNonce":422,"hasCapCheck":51,"file":134,"line":74},"yeepdf_builder_text",true,{"action":424,"nopriv":51,"callback":424,"hasNonce":422,"hasCapCheck":51,"file":134,"line":185},"yeepdf_builder_export_html",{"action":426,"nopriv":51,"callback":426,"hasNonce":422,"hasCapCheck":51,"file":134,"line":158},"pdf_reset_template",{"action":428,"nopriv":51,"callback":428,"hasNonce":422,"hasCapCheck":51,"file":134,"line":14},"yeepdf_import_template",{"action":430,"nopriv":51,"callback":431,"hasNonce":422,"hasCapCheck":422,"file":226,"line":158},"yeepdf_remove_font","remove_font",{"action":433,"nopriv":51,"callback":434,"hasNonce":422,"hasCapCheck":422,"file":226,"line":140},"yeepdf_dropbox_client_id_validate","ajax_validate_api_token",{"action":436,"nopriv":51,"callback":436,"hasNonce":51,"hasCapCheck":51,"file":347,"line":222},"yeepdf_el_get_entries",{"action":438,"nopriv":51,"callback":439,"hasNonce":422,"hasCapCheck":51,"file":400,"line":140},"yeekit_dismiss_noty","dismiss_noty",[],[442,445,448,451,454],{"tag":443,"callback":444,"file":250,"line":145},"yeepdf_barcode","shortcode_barcode",{"tag":446,"callback":447,"file":250,"line":48},"yeepdf_barcode_new","shortcode_barcode_new",{"tag":449,"callback":450,"file":250,"line":162},"yeepdf_qrcode","shortcode_qrcode",{"tag":452,"callback":453,"file":250,"line":74},"yeepdf_qrcode_new","shortcode_qrcode_new",{"tag":455,"callback":455,"file":250,"line":185},"pdf_download",[],{"dangerousFunctions":458,"sqlUsage":459,"outputEscaping":468,"fileOperations":125,"externalRequests":48,"nonceChecks":158,"capabilityChecks":145,"bundledLibraries":497},[],{"prepared":158,"raw":460,"locations":461},2,[462,465],{"file":347,"line":463,"context":464},502,"$wpdb->get_row() with variable interpolation",{"file":347,"line":466,"context":467},626,"$wpdb->get_results() with variable interpolation",{"escaped":469,"rawEcho":140,"locations":470},273,[471,473,475,477,479,481,483,485,487,489,491,493,495],{"file":134,"line":99,"context":472},"raw output",{"file":134,"line":474,"context":472},109,{"file":181,"line":476,"context":472},359,{"file":382,"line":478,"context":472},171,{"file":382,"line":480,"context":472},195,{"file":382,"line":482,"context":472},252,{"file":382,"line":484,"context":472},270,{"file":382,"line":486,"context":472},278,{"file":382,"line":488,"context":472},281,{"file":382,"line":490,"context":472},286,{"file":382,"line":492,"context":472},362,{"file":382,"line":494,"context":472},466,{"file":382,"line":496,"context":472},535,[498,501],{"name":499,"version":38,"knownCves":500},"TinyMCE",[],{"name":502,"version":38,"knownCves":503},"TCPDF",[],[505,522,533,541,555,567],{"entryPoint":506,"graph":507,"unsanitizedCount":28,"severity":521},"yeepdf_import_template (backend\\ajax.php:15)",{"nodes":508,"edges":519},[509,513],{"id":510,"type":511,"label":512,"file":134,"line":112},"n0","source","$_POST",{"id":514,"type":515,"label":516,"file":134,"line":517,"wp_function":518},"n1","sink","file_get_contents() [SSRF\u002FLFI]",42,"file_get_contents",[520],{"from":510,"to":514,"sanitized":422},"low",{"entryPoint":523,"graph":524,"unsanitizedCount":28,"severity":521},"yeepdf_builder_export_html (backend\\ajax.php:80)",{"nodes":525,"edges":531},[526,528],{"id":510,"type":511,"label":512,"file":134,"line":527},84,{"id":514,"type":515,"label":529,"file":134,"line":99,"wp_function":530},"echo() [XSS]","echo",[532],{"from":510,"to":514,"sanitized":422},{"entryPoint":534,"graph":535,"unsanitizedCount":28,"severity":521},"yeepdf_builder_text (backend\\ajax.php:92)",{"nodes":536,"edges":539},[537,538],{"id":510,"type":511,"label":512,"file":134,"line":139},{"id":514,"type":515,"label":529,"file":134,"line":474,"wp_function":530},[540],{"from":510,"to":514,"sanitized":422},{"entryPoint":542,"graph":543,"unsanitizedCount":28,"severity":521},"\u003Cajax> (backend\\ajax.php:0)",{"nodes":544,"edges":552},[545,546,547,550],{"id":510,"type":511,"label":512,"file":134,"line":112},{"id":514,"type":515,"label":516,"file":134,"line":517,"wp_function":518},{"id":548,"type":511,"label":549,"file":134,"line":527},"n2","$_POST (x2)",{"id":551,"type":515,"label":529,"file":134,"line":99,"wp_function":530},"n3",[553,554],{"from":510,"to":514,"sanitized":422},{"from":548,"to":551,"sanitized":422},{"entryPoint":556,"graph":557,"unsanitizedCount":143,"severity":83},"yeepdf_el_get_entries (elementor\\index.php:178)",{"nodes":558,"edges":565},[559,561],{"id":510,"type":511,"label":512,"file":347,"line":560},182,{"id":514,"type":515,"label":562,"file":347,"line":563,"wp_function":564},"get_results() [SQLi]",189,"get_results",[566],{"from":510,"to":514,"sanitized":51},{"entryPoint":568,"graph":569,"unsanitizedCount":143,"severity":83},"\u003Cindex> (elementor\\index.php:0)",{"nodes":570,"edges":573},[571,572],{"id":510,"type":511,"label":512,"file":347,"line":560},{"id":514,"type":515,"label":562,"file":347,"line":563,"wp_function":564},[574],{"from":510,"to":514,"sanitized":51},{"summary":576,"deductions":577},"The 'pdf-for-elementor-forms' plugin v6.5.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices with a high percentage of SQL queries using prepared statements and a vast majority of output being properly escaped. The presence of nonce and capability checks on most entry points further contributes to its security. However, there are notable concerns that warrant attention.  The analysis reveals one AJAX handler without authentication checks, presenting a potential entry point for unauthorized actions.  The taint analysis flagged two flows with unsanitized paths, both classified as high severity, indicating potential risks related to how user-supplied data is processed.  The plugin's history of three known CVEs, including one high and two medium severity vulnerabilities, despite none being currently unpatched, suggests a pattern of past security weaknesses. The common vulnerability types (Missing Authorization, XSS, Deserialization) align with the identified taint flow issues and the unprotected AJAX handler.  While the plugin has made efforts to secure its code, the combination of an unprotected AJAX endpoint, high-severity taint flows, and a history of diverse vulnerabilities indicates a moderate to high-risk profile for this version.",[578,580,582,584],{"reason":579,"points":158},"Unprotected AJAX handler found",{"reason":581,"points":171},"High severity unsanitized path taint flows (2)",{"reason":583,"points":203},"Previous high severity CVEs (1)",{"reason":585,"points":158},"Previous medium severity CVEs (2)","2026-03-16T18:54:14.208Z",{"wat":588,"direct":611},{"assetPaths":589,"generatorPatterns":598,"scriptPaths":599,"versionParams":602},[590,591,592,593,594,595,596,597],"\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Faction-download.css","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Faction-pdf.css","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Fyeekit\u002Fdocument.css","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Fwidgets\u002Fpdf-form-widget.css","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Fwidgets\u002Fpdf-form-widget.js","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Fyeekit\u002Fdocument.js","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Flibs\u002Fjs\u002Fpdfmake.min.js","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Flibs\u002Fjs\u002Fvfs_fonts.js",[],[600,601,595,594],"\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Faction-download.js","\u002Fwp-content\u002Fplugins\u002Fpdf-for-elementor-forms\u002Felementor\u002Faction-pdf.js",[603,604,605,606,607,608,609,610],"pdf-for-elementor-forms\u002Felementor\u002Faction-download.css?ver=","pdf-for-elementor-forms\u002Felementor\u002Faction-pdf.css?ver=","pdf-for-elementor-forms\u002Fyeekit\u002Fdocument.css?ver=","pdf-for-elementor-forms\u002Felementor\u002Fwidgets\u002Fpdf-form-widget.css?ver=","pdf-for-elementor-forms\u002Felementor\u002Fwidgets\u002Fpdf-form-widget.js?ver=","pdf-for-elementor-forms\u002Fyeekit\u002Fdocument.js?ver=","pdf-for-elementor-forms\u002Flibs\u002Fjs\u002Fpdfmake.min.js?ver=","pdf-for-elementor-forms\u002Flibs\u002Fjs\u002Fvfs_fonts.js?ver=",{"cssClasses":612,"htmlComments":616,"htmlAttributes":620,"restEndpoints":625,"jsGlobals":628,"shortcodeOutput":634},[613,614,615],"yeepdf-pdf-form-widget","pro_disable","pro_disable_fff",[617,618,619],"\u003C!-- Upgrade to pro version -->","\u003C!-- START: PDF Form Widget -->","\u003C!-- END: PDF Form Widget -->",[621,622,623,624],"data-elementor-device-mode","data-elementor-id","data-elementor-type","data-yeepdf-custom-sizes",[626,627],"\u002Fwp-json\u002Fyeepdf\u002Fv1\u002Fget_template","\u002Fwp-json\u002Fyeepdf\u002Fv1\u002Fsave_template",[629,630,631,632,633],"yeepdf_creator_builder_path","yeepdf_creator_builder_url","Yeepdf_Creator_Form_Widget_Builder","Yeepdf_Settings_Builder_PDF_Backend","yeepdf_settings_backend_main",[635],"[yeepdf_form_generator]",{"error":422,"url":637,"statusCode":638,"statusMessage":639,"message":639},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpdf-for-elementor-forms\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":185,"versions":641},[642,647,654,660,669,677,687,697,707],{"version":6,"download_url":25,"svn_tag_url":643,"released_at":38,"has_diff":51,"diff_files_changed":644,"diff_lines":38,"trac_diff_url":645,"vulnerabilities":646,"is_current":422},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F7.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.5.2&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F7.0.0",[],{"version":648,"download_url":649,"svn_tag_url":650,"released_at":38,"has_diff":51,"diff_files_changed":651,"diff_lines":38,"trac_diff_url":652,"vulnerabilities":653,"is_current":51},"6.5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.6.5.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F6.5.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.5.1&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.5.2",[],{"version":82,"download_url":655,"svn_tag_url":656,"released_at":38,"has_diff":51,"diff_files_changed":657,"diff_lines":38,"trac_diff_url":658,"vulnerabilities":659,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.6.5.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F6.5.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.3.1&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.5.1",[],{"version":661,"download_url":662,"svn_tag_url":663,"released_at":38,"has_diff":51,"diff_files_changed":664,"diff_lines":38,"trac_diff_url":665,"vulnerabilities":666,"is_current":51},"6.3.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.6.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F6.3.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.3.0&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.3.1",[667,668],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"version":66,"download_url":670,"svn_tag_url":671,"released_at":38,"has_diff":51,"diff_files_changed":672,"diff_lines":38,"trac_diff_url":673,"vulnerabilities":674,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.6.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F6.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F5.5.0&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F6.3.0",[675,676],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"version":678,"download_url":679,"svn_tag_url":680,"released_at":38,"has_diff":51,"diff_files_changed":681,"diff_lines":38,"trac_diff_url":682,"vulnerabilities":683,"is_current":51},"5.5.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.5.5.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F5.5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F2.3.3&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F5.5.0",[684,685,686],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"id":61,"url_slug":62,"title":63,"severity":41,"cvss_score":67,"vuln_type":69,"patched_in_version":66},{"version":688,"download_url":689,"svn_tag_url":690,"released_at":38,"has_diff":51,"diff_files_changed":691,"diff_lines":38,"trac_diff_url":692,"vulnerabilities":693,"is_current":51},"2.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.2.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F2.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F2.3.0.0&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F2.3.3",[694,695,696],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"id":61,"url_slug":62,"title":63,"severity":41,"cvss_score":67,"vuln_type":69,"patched_in_version":66},{"version":698,"download_url":699,"svn_tag_url":700,"released_at":38,"has_diff":51,"diff_files_changed":701,"diff_lines":38,"trac_diff_url":702,"vulnerabilities":703,"is_current":51},"2.3.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.2.3.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F2.3.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpdf-for-elementor-forms%2Ftags%2F2.2.9.2&new_path=%2Fpdf-for-elementor-forms%2Ftags%2F2.3.0.0",[704,705,706],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"id":61,"url_slug":62,"title":63,"severity":41,"cvss_score":67,"vuln_type":69,"patched_in_version":66},{"version":708,"download_url":709,"svn_tag_url":710,"released_at":38,"has_diff":51,"diff_files_changed":711,"diff_lines":38,"trac_diff_url":38,"vulnerabilities":712,"is_current":51},"2.2.9.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-for-elementor-forms.2.2.9.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpdf-for-elementor-forms\u002Ftags\u002F2.2.9.2\u002F",[],[713,714,715],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"id":77,"url_slug":78,"title":79,"severity":83,"cvss_score":84,"vuln_type":86,"patched_in_version":82},{"id":61,"url_slug":62,"title":63,"severity":41,"cvss_score":67,"vuln_type":69,"patched_in_version":66}]