2 matches found
CVE-2024-2128
The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's embed widget in all versions up to, and including, 3.9.10 due to insufficien...
WordPress EmbedPress Plugin <= 3.9.10 is vulnerable to Cross Site Scripting (XSS)
Software EmbedPress Type Plugin Vulnerable versions = 3.9.10 Fixed in 3.9.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2128 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1d5abb449ba3 Credits wesley wcraft Required...