2 matches found
CVE-2024-3244
The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedpresscalendar' shortcode in all versions up to, and including, 3.9.14...
WordPress EmbedPress Plugin <= 3.9.14 is vulnerable to Cross Site Scripting (XSS)
Software EmbedPress Type Plugin Vulnerable versions = 3.9.14 Fixed in 3.9.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3244 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 41b83bc25a78 Credits wesley wcraft Required...