CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Patchstack•added 2026/02/02 8:30 p.m.•3 views

WordPress EmbedPress plugin <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via PDF Widget URL vulnerability discovered by RandomRoot in WordPress Plugin EmbedPress versions = 3.9.10...

6.4CVSS5.2AI score0.00297EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 9:16 a.m.•1 views

CVE-2024-5571

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's EmbedPress PDF widget in all versions up to, and...

6.4CVSS5AI score0.00233EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:23 a.m.•1 views

CVE-2024-1565

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and including, 3.9.10 due to insufficient input sanitizatio...

6.4CVSS4.9AI score0.00297EPSS

Exploits0References1

OSV•added 2024/06/13 9:15 a.m.•1 views

CVE-2024-1565

5.4CVSS5.9AI score

Exploits0References3

Cvelist•added 2024/06/13 8:31 a.m.•17 views

CVE-2024-1565 EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL

6.4CVSS0.00297EPSS

Exploits0References3

Vulnrichment•added 2024/06/13 8:31 a.m.•18 views

CVE-2024-1565 EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL

6.4CVSS5.8AI score0.00297EPSS

Exploits0References3

Positive Technologies•added 2024/06/13 12:0 a.m.•2 views

PT-2024-18136 · WordPress · Embedpress

Name of the Vulnerable Software and Affected Versions: EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress versions up to, and including, 3.9.10 Description: The issue is related to Stored Cross-Site...

6.4CVSS6.1AI score0.00297EPSS

Exploits0References7

WPVulnDB•added 2024/06/12 12:0 a.m.•16 views

EmbedPress < 3.9.11 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL

Description The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and including, 3.9.10 due to insufficient input...

6.4CVSS5.7AI score0.00297EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2024/06/05 9:15 a.m.•2 views

CVE-2024-5571

6.4CVSS6.1AI score0.00233EPSS

Exploits0References4

NVD•added 2024/06/05 9:15 a.m.•12 views

CVE-2024-5571

6.4CVSS5.7AI score0.00233EPSS

Exploits0References3

OSV•added 2024/06/05 9:15 a.m.•0 views

CVE-2024-5571

5.4CVSS6AI score

Exploits0References3

Vulnrichment•added 2024/06/05 8:33 a.m.•13 views

CVE-2024-5571 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget

6.4CVSS5.8AI score0.00233EPSS

Exploits0References3

Patchstack•added 2024/06/05 3:9 a.m.•1 views

WordPress EmbedPress plugin <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via EmbedPress PDF Widget vulnerability discovered by wesley wcraft in WordPress Plugin EmbedPress versions = 4.0.1...

6.4CVSS5.8AI score0.00233EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by