| CVE-2026-1314 | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery <= 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure | iberezansky | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery | Medium | 5.3 | 2026-04-14 23:26:08 | Deep Dive |
| CVE-2026-1389 | Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion | bplugins | Document Embedder – Embed PDFs, Word, Excel, and Other Files | Medium | 4.3 | 2026-01-28 07:27:35 | Deep Dive |
| CVE-2025-67555 | WordPress UseStrict's Calendly Embedder plugin <= 1.1.7.2 - Cross Site Scripting (XSS) vulnerability | useStrict | UseStrict's Calendly Embedder | Medium | 5.9 | 2025-12-09 14:14:08 | Deep Dive |
| CVE-2025-12384 | Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation | bplugins | Document Embedder – Embed PDFs, Word, Excel, and Other Files | High | 8.6 | 2025-11-05 06:35:02 | Deep Dive |
| CVE-2025-54730 | WordPress Embedder for Google Reviews Plugin <= 1.7.3 - Broken Access Control Vulnerability | PARETO Digital | Embedder for Google Reviews | Medium | 5.3 | 2025-08-14 18:21:40 | Deep Dive |
| CVE-2025-6546 | Drive Folder Embedder <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via tablecssclass Parameter | azumbro | Drive Folder Embedder | Medium | 6.4 | 2025-06-26 02:22:23 | Deep Dive |
| CVE-2025-5289 | 3D FlipBook - Lite Edition <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via style and mode Parameters | iberezansky | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery | Medium | 6.4 | 2025-06-21 11:09:40 | Deep Dive |
| CVE-2025-3417 | Embedder 1.3 - 1.3.5 - Authenticated (Subscriber+) Arbitrary Options Update | stringfold | Embedder | High | 8.8 | 2025-04-10 07:02:41 | Deep Dive |
| CVE-2025-31458 | WordPress Video Embedder plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | forsgren | Video Embedder | High | 7.1 | 2025-03-28 11:54:10 | Deep Dive |
| CVE-2025-30922 | WordPress Simplebooklet PDF Viewer and Embedder plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability | simplebooklet | Simplebooklet PDF Viewer and Embedder | Medium | 6.5 | 2025-03-27 10:55:58 | Deep Dive |
| CVE-2024-13588 | Simplebooklet PDF Viewer and Embedder <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | kenkwasnicki | Simplebooklet PDF Viewer and Embedder | Medium | 6.4 | 2025-02-18 04:21:16 | Deep Dive |
| CVE-2025-26538 | WordPress Prezi Embedder plugin <= 2.1 - Stored Cross Site Scripting (XSS) vulnerability | Dan Rossiter | Prezi Embedder | Medium | 6.5 | 2025-02-13 13:53:09 | Deep Dive |
| CVE-2025-23922 | WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability | Harsh | iSpring Embedder | Critical | 10.0 | 2025-01-16 20:07:54 | Deep Dive |
| CVE-2025-23871 | WordPress LSD Google Maps Embedder plugin <= 1.1 - CSRF to Stored XSS vulnerability | Bas Matthee | LSD Google Maps Embedder | High | 7.1 | 2025-01-16 20:07:29 | Deep Dive |
| CVE-2024-51795 | WordPress Pdf Embedder Fay plugin <= 1.10.1 - Cross Site Scripting (XSS) vulnerability | fayjur | Pdf Embedder Fay | Medium | 6.5 | 2024-11-19 16:32:01 | Deep Dive |
| CVE-2024-9849 | Real3D Flipbook Lite – 3D FlipBook, PDF Viewer, PDF Embedder <= 4.8 - Authenticated (Author+) Arbitrary File Upload | creativeinteractivemedia | Real 3D Flipbook – 3D FlipBook, PDF FlipBook, PDF Viewer, PDF Embedder | High | 8.8 | 2024-11-16 03:20:43 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-34561 | WordPress Real3D Flipbook PDF Viewer Lite plugin <= 3.71 - Cross Site Scripting (XSS) vulnerability | Creative interactive media | 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin | Medium | 5.9 | 2024-05-08 11:09:42 | Deep Dive |
| CVE-2024-0216 | Google Doc Embedder <= 2.6.4 - Authenticated (Contributor+) Blind Server Side Request Forgery | levertechadmin | Google Doc Embedder | Medium | 6.4 | 2024-04-30 01:54:18 | Deep Dive |
| CVE-2024-32694 | WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XSS) vulnerability | Creative interactive media | 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin | High | 7.1 | 2024-04-22 07:48:43 | Deep Dive |