4 matches found
CVE-2016-10880
The CVE-2016-10880 entry concerns the WordPress plugin google-document-embedder . The vulnerable component is the plugin prior to version 2.6.1 , which is affected by a XSS flaw. Red Hat and multiple scanners corroborate the same issue. The exact root cause details are not provided in the documen...
CVE-2016-10881
The CVE-2016-10881 entry concerns the WordPress Google Document Embedder plugin prior to version 2.6.2, which is reported to have an XSS vulnerability. Since multiple connected sources (RH advisory, NVD/NVD-derived entries, and OpenVAS data) confirm the same issue but do not provide vendor-specif...
CVE-2016-10882
The CVE-2016-10882 entry concerns the WordPress plugin “google-document-embedder” prior to version 2.6.2, where a Cross-Site Request Forgery (CSRF) vulnerability is reported. Public sources in the connected documents consistently note CSRF as the issue, without detailing additional root causes be...
CVE-2014-9173
Affected software: WordPress Google Doc Embedder plugin. Vulnerability: SQL injection in view.php via the gpid parameter. Versions: affected up to 2.5.15 (e.g., before 2.5.15; 2.5.14 noted in sources). Impact: remote attackers could execute arbitrary SQL commands. Root cause: unsafeguarded gpid u...