| CVE-2024-11203 | EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'provider_name' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-11-28 08:47:31 | Deep Dive |
| CVE-2024-38707 | WordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerability | WPDeveloper | EmbedPress | Medium | 6.3 | 2024-11-01 14:18:07 | Deep Dive |
| CVE-2024-50461 | WordPress EmbedPress plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability | WPDeveloper | EmbedPress | Medium | 6.5 | 2024-10-28 17:48:55 | Deep Dive |
| CVE-2024-43936 | WordPress EmbedPress plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability | WPDeveloper | EmbedPress | Medium | 6.5 | 2024-08-29 18:07:25 | Deep Dive |
| CVE-2024-43328 | WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability | WPDeveloper | EmbedPress | High | 8.3 | 2024-08-19 19:26:35 | Deep Dive |
| CVE-2023-51375 | WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability | WPDeveloper | EmbedPress | Medium | 4.3 | 2024-06-21 13:37:09 | Deep Dive |
| CVE-2024-1565 | EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-13 08:31:32 | Deep Dive |
| CVE-2024-31284 | WordPress EmbedPress plugin <= 3.9.8 - Broken Access Control vulnerability | WPDeveloper | EmbedPress | Medium | 6.5 | 2024-06-09 18:10:44 | Deep Dive |
| CVE-2024-31274 | WordPress EmbedPress plugin <= 3.9.11 - Broken Access Control vulnerability | WPDeveloper | EmbedPress | Medium | 5.3 | 2024-06-09 11:18:25 | Deep Dive |
| CVE-2024-5571 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-05 08:33:16 | Deep Dive |
| CVE-2024-1803 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 4.3 | 2024-05-23 12:43:29 | Deep Dive |
| CVE-2024-4316 | EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-05-09 20:03:23 | Deep Dive |
| CVE-2024-3244 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-09 18:59:00 | Deep Dive |
| CVE-2024-3245 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-06 02:32:04 | Deep Dive |
| CVE-2024-2468 | EmbedPress <= 3.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Attribute | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-2688 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Authenticated (Contributor+) Stored Cross-site Scripting via 'embedpress_doc_custom_color' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 5.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-1802 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Wistia Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 20:33:26 | Deep Dive |
| CVE-2024-2128 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 19:32:59 | Deep Dive |
| CVE-2024-1349 | EmbedPress <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-02-20 18:56:32 | Deep Dive |
| CVE-2024-1425 | EmbedPress <= 3.9.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via Google Calendar Widget Link | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-02-20 18:56:31 | Deep Dive |