DearFlip – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer

Vulnerabilities 9Slug 3d-flipbook-dflip-liteLatest version 2.4.30WordPress.org →

Minimum safe version

2.4.27

Update to 2.4.27 or later to address 8 fixable vulnerabilities

Latest available2.4.30 ✓⚠ 1 vulnerability has no fix

Medium 4.3 Unfixed

2026-05-27≤ 2.4.28

CVE-2026-49047

N/A

2026-03-10< 2.4.27

Dear Flipbook <= 2.4.20 - Authenticated (Auhtor+) Stored Cross-Site Scripting via PDF Page Labels

Medium 6.1

2025-07-01< 2.3.67

Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.65 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source'

Medium 6.4

2025-01-08< 2.3.53

CVE-2024-11830

Medium 6.1

2024-10-24< 2.3.42

CVE-2024-8717

N/A

2024-08-12< 2.2.56

WordPress DearFlip Plugin <= 2.2.55 is vulnerable to Cross Site Scripting (XSS)

Medium 6.5

2024-03-27< 2.2.27

CVE-2024-29807

Medium 5.4

2024-02-03< 2.2.27

CVE-2024-0895

Medium 5.4

2021-10-18< 1.7.13

CVE-2021-24732