Title: Plugin has vulnerability
Last modified: October 4, 2022

---

# Plugin has vulnerability

 *  [bubblegumbill](https://wordpress.org/support/users/bubblegumbill/)
 * (@bubblegumbill)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/)
 * Getting this result when scanning site. Can this plugin be updated?
 * Plugin Name: PDFjs Viewer
    Current Plugin Version: 1.3 Details: To protect your
   site from this vulnerability, the safest option is to deactivate and completely
   remove “PDFjs Viewer” until a patched version is available. Get more information.

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [Thomas McMahon](https://wordpress.org/support/users/twistermc/)
 * (@twistermc)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/#post-16083258)
 * What’s the specific issue?
 *  Thread Starter [bubblegumbill](https://wordpress.org/support/users/bubblegumbill/)
 * (@bubblegumbill)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/#post-16110544)
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24759](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24759)
 *  [iantresman](https://wordpress.org/support/users/iantresman/)
 * (@iantresman)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/#post-16111325)
 * I can confirm, when I view an embedded PDF with MS Edge (Version 106.0.1370.47),
   I get the message:
 * > “Microsoft Defender SmartScreen has blocked this unsafe content”.
 * However, the additional information it provides is as follow:
 * > Microsoft Defender SmartScreen has marked this as phishing content. If you 
   > choose to see such content, it could trick you into revealing personal or financial
   > info. You might be putting your sensitive info—like passwords, credit card 
   > numbers, contact info or software activation keys—at risk.
 * Example page:
    [https://www.lobster-magazine.co.uk/article/issue/84/the-view-from-the-bridge-47/](https://www.lobster-magazine.co.uk/article/issue/84/the-view-from-the-bridge-47/)
    -  This reply was modified 3 years, 7 months ago by [iantresman](https://wordpress.org/support/users/iantresman/).
 *  Plugin Author [Thomas McMahon](https://wordpress.org/support/users/twistermc/)
 * (@twistermc)
 * [3 years, 6 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/#post-16179546)
 * Yep, that’s a know issue with all PDFjs plugins and Microsoft Edge. No one knows
   what the fix is.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Plugin has vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/pdfjs-viewer-shortcode/assets/icon-256x256.png?rev=2301161)
 * [PDF.js Viewer](https://wordpress.org/plugins/pdfjs-viewer-shortcode/)
 * [Support Threads](https://wordpress.org/support/plugin/pdfjs-viewer-shortcode/)
 * [Active Topics](https://wordpress.org/support/plugin/pdfjs-viewer-shortcode/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/pdfjs-viewer-shortcode/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/pdfjs-viewer-shortcode/reviews/)

 * 5 replies
 * 3 participants
 * Last reply from: [Thomas McMahon](https://wordpress.org/support/users/twistermc/)
 * Last activity: [3 years, 6 months ago](https://wordpress.org/support/topic/plugin-has-vulnerability-2/#post-16179546)
 * Status: not resolved