浏览 29+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39485 | WordPress Youtube Embed Plus plugin <= 14.2.4 - Broken Access Control vulnerability | embedplus | Youtube Embed Plus | - | - | 2026-04-08 08:30:11 | Deep Dive |
| CVE-2025-68599 | WordPress YouTube Embed plugin <= 5.4 - Cross Site Scripting (XSS) vulnerability | Embeds For YouTube Plugin Support | YouTube Embed | Medium | 6.5 | 2025-12-24 13:10:46 | Deep Dive |
| CVE-2025-13007 | WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) <= 3.20.3 - Unauthenticated Stored Cross-Site Scripting via External Content Import | adreastrian | WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets | Medium | 6.1 | 2025-12-02 06:40:24 | Deep Dive |
| CVE-2025-6692 | YouTube Embed <= 10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via instance Parameter | hanucodes | YouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin | Medium | 6.4 | 2025-07-29 09:23:47 | Deep Dive |
| CVE-2025-2537 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library | wpdevart | YouTube Embed, Playlist and Popup by WpDevArt | Medium | 6.4 | 2025-07-03 12:23:09 | Deep Dive |
| CVE-2025-31008 | WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability | Embeds For YouTube Plugin Support | YouTube Embed | Medium | 5.9 | 2025-04-09 16:10:19 | Deep Dive |
| CVE-2025-31744 | WordPress Lightweight and Responsive Youtube Embed plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability | wpszaki | Lightweight and Responsive Youtube Embed | Medium | 6.5 | 2025-04-01 14:51:08 | Deep Dive |
| CVE-2025-31743 | WordPress Lightweight and Responsive Youtube Embed Plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability | wpszaki | Lightweight and Responsive Youtube Embed | Medium | 6.5 | 2025-04-01 14:51:07 | Deep Dive |
| CVE-2024-11203 | EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'provider_name' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-11-28 08:47:31 | Deep Dive |
| CVE-2024-1565 | EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-13 08:31:32 | Deep Dive |
| CVE-2024-5571 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-05 08:33:16 | Deep Dive |
| CVE-2024-1803 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 4.3 | 2024-05-23 12:43:29 | Deep Dive |
| CVE-2024-4316 | EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-05-09 20:03:23 | Deep Dive |
| CVE-2024-3244 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-09 18:59:00 | Deep Dive |
| CVE-2024-3245 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-06 02:32:04 | Deep Dive |
| CVE-2024-2468 | EmbedPress <= 3.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Attribute | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-2688 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Authenticated (Contributor+) Stored Cross-site Scripting via 'embedpress_doc_custom_color' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 5.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-1802 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Wistia Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 20:33:26 | Deep Dive |
| CVE-2024-2128 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 19:32:59 | Deep Dive |
| CVE-2024-1349 | EmbedPress <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-02-20 18:56:32 | Deep Dive |