Lucene search
WPScanVULNRICHMENT:CVE-2024-0756HistoryJun 04, 2024 - 2:28 p.m.
CVE-2024-0756 Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection
2024-06-0414:28:07
WPScan
github.com
cve-2024-0756
insert articulate content
wordpress plugin
iframe injection
url validation
The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Insert or Embed Articulate Content into WordPress",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "4.3000000023"
}
],
"defaultStatus": "affected"
}
]Related
wpvulndb
wpvulndb
Search & Replace < 3.2.2 - Administrator+ SQL injection
2024-05-27 00:00:00
cve
cve
CVE-2024-0756
2024-06-04 15:15:44
wpexploit
wpexploit
cvelist
cvelist
nvd
nvd
CVE-2024-0756
2024-06-04 15:15:44
wordfence
wordfence
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Related for VULNRICHMENT:CVE-2024-0756