WordPress EmbedPress plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin EmbedPress versions = 4.0.8...

WordPress EmbedPress Plugin <= 4.0.8 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 4.0.8 Fixed in 4.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43936 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 078131b40cca Credits João Pedro S Alcântara Kinorth Required...

CVE-2024-43328

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9...

CVE-2024-43328

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9...

CVE-2024-43328 WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9...

CVE-2024-43328

CVE-2024-43328 is a Path Traversal (PHP Local File Inclusion) vulnerability in the WordPress plugin EmbedPress. The issue allows LFI due to improper limitation of a pathname and affects EmbedPress versions up to 4.0.9 (n/a). Connected sources indicate the vulnerability was publicly reported and l...

CVE-2024-43328 WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9...

WordPress plugin EmbedPress 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

PT-2024-30495 · Wpdeveloper · Wpdeveloper Embedpress

Name of the Vulnerable Software and Affected Versions: WPDeveloper EmbedPress versions prior to 4.0.10 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion. This can potentially...

WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin EmbedPress versions = 4.0.9...

WordPress EmbedPress Plugin <= 4.0.9 is vulnerable to Local File Inclusion

Software EmbedPress Type Plugin Vulnerable versions = 4.0.9 Fixed in 4.0.10 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-43328 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 8a6dffdf0163 Credits Rafie Muhammad Patchstack Required privilege...

WordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin EmbedPress versions = 4.0.4...

WordPress EmbedPress Plugin <= 4.0.4 is vulnerable to Broken Access Control

Software EmbedPress Type Plugin Vulnerable versions = 4.0.4 Fixed in 4.0.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38707 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID f167af72d43c Credits Rafie Muhammad Patchstack...

WordPress Embedpress plugin <= 4.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin EmbedPress versions = 4.0.2...

WordPress EmbedPress Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 86a2108fb08b Credits Yudistira Arya Required privilege...

CVE-2023-51375

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3...

CVE-2023-51375

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3...

CVE-2023-51375 WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3...

CVE-2023-51375 WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3...

CVE-2023-51375

CVE-2023-51375 affects the WordPress EmbedPress plugin up to version 3.8.3 and is described as a Missing Authorization / Broken Access Control vulnerability. The impact is stated variably: CVSS v3.1 base score 8.8 (NVD) and a separate 4.3 (PatchStack CNA), with exploitation details not provided i...