VYPR

Embed Power Bi Reports

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-11901MedDec 12, 2024
    risk 0.35cvss 6.4epss 0.00

    The PowerBI Embed Reports plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MO_API_POWER_BI' shortcode in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2025-10750MedOct 18, 2025
    risk 0.34cvss 5.3epss 0.00

    The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the 'testUser' endpoint accessible via the…