CVE-2025-31784

Technical details for CVE-2025-31784 are not publicly available in the provided documents. Monitor for updates from the vendor/authorities for affected versions, impact, and remediation.

CVE-2025-31784 WordPress Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more Plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rudy Susanto Embed Extended embed-extended allows Cross Site Request Forgery.This issue affects Embed Extended: from n/a through = 1.4.0...

CVE-2025-31784 WordPress Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more Plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rudy Susanto Embed Extended embed-extended allows Cross Site Request Forgery.This issue affects Embed Extended: from n/a through = 1.4.0...

CVE-2025-31743

CVE-2025-31743 concerns a cross-site scripting vulnerability in the Lightweight and Responsive Youtube Embed WordPress plugin. The initial entry notes a Stored XSS in this plugin affecting versions from 0.1.0 up to 1.0.0, with exploitation described as Stored XSS during web page generation. Conne...

CVE-2025-31743 WordPress Lightweight and Responsive Youtube Embed Plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpszaki Lightweight and Responsive Youtube Embed allows Stored XSS. This issue affects Lightweight and Responsive Youtube Embed: from n/a through 1.0.0...

CVE-2025-31744

CVE-2025-31744 is a Stored XSS in Lightweight and Responsive Youtube Embed (WordPress). Affected: Lightweight and Responsive Youtube Embed

WordPress plugin Lightweight and Responsive Youtube Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Embedded Extended - Embed Maps, Videos, Websites, Source Codes, and...

WordPress plugin Lightweight and Responsive Youtube Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-14170 · Unknown · Embed Extended

Name of the Vulnerable Software and Affected Versions: Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more versions 1.4.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's...

CVE-2025-30900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0...

CVE-2025-30900

CVE-2025-30900 describes a stored cross-site scripting vulnerability in Zoho Subscriptions – Zoho Billing Embed Payment Form. The issue is caused by improper neutralization of input during web page generation, allowing an attacker to inject malicious scripts that are stored and later executed in ...

CVE-2025-30900 WordPress Zoho Billing – Embed Payment Form plugin <= 4.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0...

WordPress plugin Zoho Billing – Embed Payment Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

anything-llm 输入验证错误漏洞

anything-llm is an all-in-one desktop and Docker AI application open-sourced by Mintplex. An input validation error vulnerability exists in versions prior to anything-llm 1.2.2, which stems from the presence of Prisma injection in the API endpoint /embed/:embedId/stream-chat, which allows an...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in tomcat-embed-core

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of tomcat-embed-core Vulnerability Details CVEID:CVE-2024-56337 DESCRIPTION: Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 throu...

CVE-2025-1043 Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-1043

CVE-2025-1043 – The WordPress plugin Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files is affected by a Server-Side Request Forgery (SSRF) in all versions up to 2.7.5 via the embeddoc shortcode. With Contributor-level access or higher, an authenticated attacker can cause the web ap...

CVE-2025-1043 Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress Embed Any Document plugin <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode vulnerability

Authenticated Contributor+ Blind Server-Side Request Forgery via embeddoc Shortcode vulnerability discovered by theviper17y in WordPress Plugin Embed Any Document versions = 2.7.5...