119 matches found
CVE-2026-6742
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in all versions up to, and including, 2026.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
EUVD-2026-42219
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in all versions up to, and including, 2026.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
CVE-2026-6742
The data shows CVE-2026-6742 affects the WordPress Advanced iFrame plugin: all versions up to 2026.1 are vulnerable to Stored Cross-Site Scripting via the Gutenberg Block 'additional' attribute due to insufficient input sanitization and output escaping. This allows authenticated users with contri...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25412
Missing Authorization vulnerability in mdempfle Advanced iFrame advanced-iframe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25412
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453
CVE-2026-25453 : DOM-based XSS in WordPress plugin Advanced iFrame (advanced-iframe) due to improper input neutralization during web page generation. Affected: Advanced iFrame versions up to 2025.10. The CVSS v3.1 base score is 6.5 (Medium). Exploitation details are not provided in the documents;...
CVE-2026-25412
...
CVE-2026-25412
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-25412
The CVE-2026-25412 entry concerns the WordPress Advanced iFrame plugin (
CVE-2026-25412
...
WordPress plugin Advanced iFrame 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20737
Missing Authorization vulnerability in mdempfle Advanced iFrame advanced-iframe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced iFrame: from n/a through = 2025.10...
PT-2026-20749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
WordPress Advanced iFrame plugin <= 2025.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Advanced iFrame versions = 2025.10...
WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by johska in WordPress Plugin Advanced iFrame versions = 2025.10...