CVE-2024-0757

CVE-2024-0757 : The WordPress plugin “Insert or Embed Articulate Content into WordPress” (

CVE-2019-15649

CVE-2019-15649 affects the WordPress plugin insert-or-embed-articulate-content-into-wordpress prior to version 4.2999. The vulnerability stems from insufficient restrictions on file uploads in the plugin, enabling potential unauthenticated or authenticated abuse leading to remote code execution (...

CVE-2023-50824

CVE-2023-50824 affects the WordPress plugin Insert or Embed Articulate Content into WordPress (versions from n/a to 4.3000000021). The issue is Stored Cross-Site Scripting due to improper input neutralization during Web Page Generation. Root cause: improper neutralization of input; impact: stored...

CVE-2024-5630

CVE-2024-5630 affects the WordPress plugin Insert or Embed Articulate Content into WordPress, before version 4.3000000024. The issue is that authors can upload arbitrary files to the site, potentially allowing the upload of PHP shells on affected sites. Root cause per sources is a failure to rest...

CVE-2024-0756

CVE-2024-0756 concerns the WordPress plugin Insert or Embed Articulate Content into WordPress, affected through v4.3000000023. The issue stems from insufficient URL validation when adding iframes, enabling an attacker to inject an iframe and load arbitrary content from any page. Public references...

CVE-2019-15648

The CVE-2019-15648 impact is tied to the WordPress plugin insert-or-embed-articulate-content-into-wordpress, prior to version 4.29991. The underlying issue is insufficient access controls for deleting or renaming content, exploitable by an authenticated user with roles as low as Subscriber. The c...