CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.8...

6.5CVSS6.8AI score0.00279EPSS

Exploits0

RedhatCVE•added 2025/05/23 10:11 a.m.•11 views

CVE-2024-3244

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedpresscalendar' shortcode in all versions up to, and including, 3.9.14...

6.4CVSS5.8AI score0.00509EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:9 a.m.•8 views

CVE-2024-3245

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Youtube block in all versions up to, and including, 3.9.14 due to insufficie...

6.4CVSS5.8AI score0.00323EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:59 a.m.•15 views

CVE-2024-1802

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wistia embed block in all versions up to, and including, 3.9.10 due to...

6.4CVSS5.8AI score0.0032EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:41 a.m.•13 views

CVE-2024-1349

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.8 due to insufficient input...

6.4CVSS5.8AI score0.00445EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:16 a.m.•3 views

CVE-2024-5571

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's EmbedPress PDF widget in all versions up to, and...

6.4CVSS5AI score0.00314EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:40 a.m.•5 views

CVE-2024-31284

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8...

9.8CVSS6.9AI score0.00397EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:39 a.m.•3 views

CVE-2024-4316

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to insufficient input...

6.4CVSS6AI score0.0034EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:39 a.m.•3 views

CVE-2024-31274

Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11...

5.3CVSS8.5AI score0.00336EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:31 a.m.•5 views

CVE-2024-50461

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper EmbedPress embedpress allows Stored XSS.This issue affects EmbedPress: from n/a through = 4.0.14...

6.5CVSS5.9AI score0.00241EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:23 a.m.•3 views

CVE-2024-1565

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and including, 3.9.10 due to insufficient input sanitizatio...

6.4CVSS4.9AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:21 a.m.•3 views

CVE-2024-1803

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of functionality due to insufficient authorization validation on the PDF embed block in all versions ...

4.3CVSS5.5AI score0.0028EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:21 a.m.•2 views

CVE-2024-1425

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Calendar Widget Link in all versions up to, and including, 3.9.8 due to insufficient input...

6.4CVSS5.1AI score0.00545EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:7 a.m.•15 views

CVE-2024-2688

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress document widget in all versions up to, and including, 3.9.12 due to...

5.4CVSS5.8AI score0.00343EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:57 a.m.•3 views

CVE-2023-4282

The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'adminpostremove' and 'removeprivatedata' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or...

5.4CVSS5.9AI score0.00419EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by