VYPR

Embedpress

by WordPress

Source repositories

CVEs (28)

  • CVE-2024-3245MedApr 6, 2024
    risk 0.35cvss 6.4epss 0.00

    The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Youtube block in all versions up to, and including,…

  • CVE-2024-2688MedMar 23, 2024
    risk 0.35cvss 5.4epss 0.00

    The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress document widget in all versions up to, and including,…

  • CVE-2023-4283MedAug 10, 2023
    risk 0.35cvss 6.4epss 0.00

    The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpress_calendar' shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…

  • CVE-2024-31274MedJun 9, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11.

  • CVE-2023-51375MedJun 21, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3.

  • CVE-2023-4282MedAug 10, 2023
    risk 0.28cvss 5.4epss 0.00

    The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove' and 'remove_private_data' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with…

  • CVE-2023-3371MedJun 27, 2023
    risk 0.27cvss 5.3epss 0.01

    The EmbedPress plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated…

  • CVE-2024-1803MedMay 23, 2024
    risk 0.21cvss 4.3epss 0.00

    The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of functionality due to insufficient authorization validation on the PDF embed…

Page 2 of 2