Wpdeveloper

Embedpress

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-11203

  • EPSS 0.08%
  • Published 28.11.2024 09:15:04
  • Last modified 11.04.2025 14:54:47

The EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘provider_name parameter i...

8.8

CVE-2024-38707

  • EPSS 0.21%
  • Published 01.11.2024 15:15:31
  • Last modified 24.03.2025 15:21:02

Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmbedPress: from n/a through 4.0.4.

5.4

CVE-2024-50461

  • EPSS 0.06%
  • Published 28.10.2024 18:15:07
  • Last modified 13.11.2024 19:46:29

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.14.

5.4

CVE-2024-43936

  • EPSS 0.15%
  • Published 29.08.2024 18:15:10
  • Last modified 03.09.2024 15:20:22

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.8.

9.8

CVE-2024-43328

  • EPSS 0.87%
  • Published 19.08.2024 20:15:07
  • Last modified 05.04.2025 00:30:50

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9.

8.8

CVE-2023-51375

  • EPSS 0.22%
  • Published 21.06.2024 14:15:11
  • Last modified 21.11.2024 08:37:58

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3.

5.4

CVE-2024-1565

  • EPSS 0.22%
  • Published 13.06.2024 09:15:09
  • Last modified 21.11.2024 08:50:50

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and includin...

9.8

CVE-2024-31284

  • EPSS 0.21%
  • Published 09.06.2024 19:15:50
  • Last modified 21.11.2024 09:13:11

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8.

5.3

CVE-2024-31274

  • EPSS 0.19%
  • Published 09.06.2024 12:15:11
  • Last modified 21.11.2024 09:13:10

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11.

5.4

CVE-2024-5571

  • EPSS 0.17%
  • Published 05.06.2024 09:15:10
  • Last modified 21.11.2024 09:47:57

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's Em...