CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389 Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389 Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389

CVE-2026-1389 affects the WordPress plugin Document Embedder (

WordPress Document Embedder plugin <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion vulnerability

Insecure Direct Object Reference to Authenticated Author+ Arbitrary Document Library Entry Deletion vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Document Embedder versions = 2.0.4...

PT-2026-5079

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the 'bplde sa...

WordPress Plugin Document Embedder has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

CVE-2016-10880

The google-document-embedder plugin before 2.6.1 for WordPress has XSS...

CVE-2016-10882

The google-document-embedder plugin before 2.6.2 for WordPress has CSRF...

CVE-2025-12384

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data in all versions up to, and including, 2.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

CVE-2025-12384

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data in all versions up to, and including, 2.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

CVE-2025-12384

CVE-2025-12384 affects the WordPress plugin “Document Embedder – Embed PDFs, Word, Excel, and Other Files” (versions ≤ 2.0.0). The root cause is missing authorization checks in functions bplde_save_document_library, bplde_get_all, bplde_get_single, and bplde_delete_document_library, allowing unau...

CVE-2025-12384 Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data in all versions up to, and including, 2.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

WordPress Document Embedder plugin <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation vulnerability

Missing Authorization to Unauthenticated Document Manipulation vulnerability discovered by ohmymex in WordPress Plugin Document Embedder versions = 2.0.0...

WordPress plugin Document Embedder – Embed PDFs Word Excel and Other Files 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Document Embedder -...

EUVD-2016-1875

Malware in sbrugna...

EUVD-2016-1874

Malware in sbrugna...

EUVD-2016-1876

Malware in sbrugna...

CVE-2021-24868

The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could allow any authenticated user, such as subscriber to enumerate the title of arbitrary private and draft posts...