CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2024/06/05 9:15 a.m.•2 views

CVE-2024-5571

6.4CVSS6.1AI score0.00314EPSS

Exploits0References4

NVD•added 2024/06/05 9:15 a.m.•28 views

CVE-2024-5571

6.4CVSS5.7AI score0.00314EPSS

Cvelist•added 2024/06/05 8:33 a.m.•36 views

CVE-2024-5571 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget

6.4CVSS5.7AI score0.00314EPSS

Patchstack•added 2024/06/05 3:9 a.m.•4 views

WordPress EmbedPress plugin <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via EmbedPress PDF Widget vulnerability discovered by wesley wcraft in WordPress Plugin EmbedPress versions = 4.0.1...

6.4CVSS5.8AI score0.00314EPSS

Patchstack•added 2024/06/05 12:0 a.m.•18 views

WordPress EmbedPress Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5571 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 09e449af3af2 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00314EPSS

Exploits0References3Affected Software1

WPVulnDB•added 2024/06/04 12:0 a.m.•16 views

EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor < 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget

Description The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's EmbedPress PDF widget in all versions...

6.4CVSS5.7AI score0.00314EPSS

Patchstack•added 2024/05/24 5:28 a.m.•3 views

WordPress EmbedPress plugin <= 3.9.12 - Insufficient Authorization Checks vulnerability

Insufficient Authorization Checks vulnerability discovered by WordFence in WordPress Plugin EmbedPress versions = 3.9.12...

4.3CVSS7AI score0.0028EPSS

OSV•added 2024/05/23 1:15 p.m.•3 views

CVE-2024-1803

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of functionality due to insufficient authorization validation on the PDF embed block in all versions ...

4.3CVSS5.8AI score0.0028EPSS

NVD•added 2024/05/23 1:15 p.m.•19 views

CVE-2024-1803

4.3CVSS4.8AI score0.0028EPSS

Vulnrichment•added 2024/05/23 12:43 p.m.•8 views

CVE-2024-1803 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual

4.3CVSS6.5AI score0.0028EPSS

CVE•added 2024/05/23 12:43 p.m.•85 views

CVE-2024-1803

Summary (CVE-2024-1803) : The WordPress plugin EmbedPress (Embed PDF, Google Docs, Vimeo, Wistia, YouTube, etc.) up to version 3.9.12 is vulnerable to unauthorized access of PDF embed functionality due to insufficient authorization validation on the PDF embed block. Impact, per sources, is that a...

4.3CVSS4.7AI score0.0028EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/23 12:43 p.m.•21 views

4.3CVSS4.8AI score0.0028EPSS

CNNVD•added 2024/05/23 12:0 a.m.•4 views

WordPress plugin EmbedPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

4.3CVSS6.5AI score0.0028EPSS

Positive Technologies•added 2024/05/23 12:0 a.m.•3 views

PT-2024-18319 · WordPress · Embedpress

Name of the Vulnerable Software and Affected Versions: EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress versions up to, and including, 3.9.12 Description: The issue is related to insufficient...

4.3CVSS6.6AI score0.0028EPSS

Exploits0References5

OSV•added 2024/05/14 3:43 p.m.•3 views

CVE-2024-4316

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to insufficient input...

5.4CVSS5.9AI score0.0034EPSS

NVD•added 2024/05/14 3:43 p.m.•19 views

CVE-2024-4316

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to insufficient input...

6.4CVSS5.9AI score0.0034EPSS

CNNVD•added 2024/05/14 12:0 a.m.•2 views

WordPress plugin EmbedPress 安全漏洞

6.4CVSS6.3AI score0.0034EPSS

Exploits0References4

Patchstack•added 2024/05/10 1:15 a.m.•2 views

WordPress EmbedPress plugin <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin EmbedPress versions = 3.9.16...

6.4CVSS5.8AI score0.0034EPSS