Wp Matterport Shortcode Security Vulnerabilities and Issues — Wp Matterport Shortcode CVE List

MpembedWp Matterport Shortcode

3 matches found

CVE•added 2023/10/16 7:39 p.m.•49 views

CVE-2023-4289

Summary (CVE-2023-4289) : The WP Matterport Shortcode WordPress plugin prior to version 2.1.8 fails to validate and escape certain shortcode attributes before output, enabling stored XSS for users with the Contributor role and higher when the shortcode is embedded on a page/post. Affected softwar...

5.4CVSS5.3AI score0.00109EPSS

CVE•added 2023/08/30 3:14 p.m.•37 views

CVE-2023-35094

CVE-2023-35094 affects the WordPress plugin MPEmbed WP Matterport Shortcode. The connected Patchstack entry confirms a stored Cross-Site Scripting (XSS) vulnerability in versions

6.5CVSS5.4AI score0.00097EPSS

CVE•added 2023/10/16 7:22 p.m.•35 views

CVE-2023-4290

The CVE-2023-4290 entry affects the WP Matterport Shortcode WordPress plugin prior to version 2.1.7. The underlying issue is a reflected XSS caused by not escaping the PHP_SELF server variable when outputting it in attribute values, enabling an attacker to target high-privilege users such as admi...

6.1CVSS6AI score0.00117EPSS

Web