CVE-2025-25078

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrew Norcross Google Earth Embed google-earth-tours allows Stored XSS.This issue affects Google Earth Embed: from n/a through = 1.0...

CVE-2025-25081

Missing Authorization vulnerability in DeannaS Embed RSS embed-rss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Embed RSS: from n/a through = 3.1...

CVE-2025-25081 WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through 3.1...

CVE-2025-25081 WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in DeannaS Embed RSS embed-rss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Embed RSS: from n/a through = 3.1...

CVE-2025-25081

CVE-2025-25081 › WordPress Embed RSS plugin

CVE-2025-25078 WordPress Google Earth Embed plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrew Norcross Google Earth Embed google-earth-tours allows Stored XSS.This issue affects Google Earth Embed: from n/a through = 1.0...

CVE-2025-25078 WordPress Google Earth Embed plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrew Norcross Google Earth Embed google-earth-tours allows Stored XSS.This issue affects Google Earth Embed: from n/a through = 1.0...

CVE-2025-25078

CVE-2025-25078 refers to a Stored XSS in the WordPress plugin Google Earth Embed (plugin

WordPress plugin Embed RSS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress plugin Google Earth Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-23513

Cross-Site Request Forgery CSRF vulnerability in jd7777 Bible Embed bible-embed allows Stored XSS.This issue affects Bible Embed: from n/a through = 0.0.4...

USN-7258-1 ckeditor vulnerabilities

Kevin Backhouse discovered that CKEditor did not properly sanitize HTML content. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

CVE-2024-50473

Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through = 3.1.3...

CVE-2024-9148

Flowise 2.1.1 suffers from a Stored Cross-Site vulnerability due to a lack of input sanitization in Flowise Chat Embed 2.0.0...

CVE-2024-51606

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Blrt Blrt WP Embed blrt-wp-embed allows SQL Injection.This issue affects Blrt WP Embed: from n/a through = 1.6.9...

CVE-2025-22696

CVE-2025-22696): WordPress Document Block – Upload & Embed Docs plugin (Document Block – Upload & Embed Docs) contains a Missing Authorization vulnerability affecting versions 1.1.0 and earlier. The issue arises from insufficient authorization checks, enabling an unauthenticated actor to perform ...

PT-2025-4631 · Unknown · Embedpress Document Block – Upload & Embed Docs

Name of the Vulnerable Software and Affected Versions: Document Block – Upload & Embed Docs versions 1.1.0 and earlier Description: The issue is related to a Missing Authorization vulnerability in the EmbedPress Document Block – Upload & Embed Docs. This vulnerability affects the ability to...

Malicious code in ui-forms-embed-components-library (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in ui-forms-embed-client-api (npm)

--- -= Per source details. Do not edit below this line.=-...

WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by muhammad yudha in WordPress Plugin Embed RSS versions = 3.1...