20 matches found
CVE-2026-57346
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...
EUVD-2026-40060
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...
CVE-2026-57346 WordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...
CVE-2026-57346
CVE-2026-57346 affects the WordPress plugin Embed Privacy up to version 1.12.3. The vulnerability is described as an Improper Limitation of a Pathname to a Restricted Directory (path traversal), allowing access to restricted files. The CVE entry also labels it as an Arbitrary File Deletion issue....
WordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Embed Privacy versions = 1.12.3...
EUVD-2023-56394
Malicious code in bioql PyPI...
EUVD-2023-52360
Malicious code in bioql PyPI...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694 WordPress Embed Privacy Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
The CVE-2023-51694 issue concerns the WordPress Embed Privacy plugin. Affected component: the Embed Privacy plugin for WordPress (versions 1.8.0 and earlier). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored cross-site scripting vulnerab...
WordPress plugin Embed Privacy Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
PT-2024-14249 · Unknown · Epiphyt Embed Privacy
Name of the Vulnerable Software and Affected Versions: Epiphyt Embed Privacy versions 1.8.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can...
WordPress Embed Privacy Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)
Software Embed Privacy Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51694 Patch priority Low CVSS severity Low 6.5 Developer Epiphyt PSID 5c950a5a8c2e Credits Ray Wilson Required privilege Contributor...
CVE-2023-48300 Embed Privacy missing escaping for show_all attribute in opt-out shortcode
The Embed Privacy plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via embedprivacyoptout shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attribute...
CVE-2023-48300 Embed Privacy missing escaping for show_all attribute in opt-out shortcode
The Embed Privacy plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via embedprivacyoptout shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attribute...
PT-2023-30768 · WordPress · Embed Privacy
Name of the Vulnerable Software and Affected Versions: Embed Privacy plugin for WordPress versions up to, and including, 1.8.0 Description: The issue is related to Stored Cross-Site Scripting via the embed privacy opt out shortcode due to insufficient input sanitization and output escaping on...
WordPress Plugin Embed Privacy Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Embed Privacy 1.8....