| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-25453 | WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability | mdempfle | Advanced iFrame | - | - | 2026-02-19 08:27:08 | Deep Dive |
| CVE-2025-12645 | Inline frame – Iframe <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | karthiksg | Inline frame – Iframe | Medium | 6.4 | 2025-11-25 07:28:26 | Deep Dive |
| CVE-2025-11813 | Responsive iframe GoogleMap <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | pressmaninc | Responsive iframe GoogleMap | Medium | 6.4 | 2025-10-22 08:27:07 | Deep Dive |
| CVE-2025-59553 | WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability | Coderz Studio | Custom iFrame for Elementor | Medium | 6.5 | 2025-09-22 18:26:05 | Deep Dive |
| CVE-2025-8089 | Advanced iFrame <= 2025.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | mdempfle | Advanced iFrame | Medium | 5.4 | 2025-08-16 06:39:23 | Deep Dive |
| CVE-2025-6987 | Advanced iFrame <= 2025.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | mdempfle | Advanced iFrame | Medium | 6.4 | 2025-07-26 06:43:22 | Deep Dive |
| CVE-2025-30969 | WordPress iFrame Images Gallery plugin <= 9.0 - SQL Injection Vulnerability | gopiplus | iFrame Images Gallery | High | 8.5 | 2025-07-04 08:42:23 | Deep Dive |
| CVE-2025-30939 | WordPress IFrame Widget plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability | Debashish | IFrame Widget | Medium | 5.9 | 2025-06-06 12:54:16 | Deep Dive |
| CVE-2025-47705 | IFrame Remove Filter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-051 | Drupal | IFrame Remove Filter | - | - | 2025-05-14 17:02:25 | Deep Dive |
| CVE-2025-1440 | Advanced iFrame <= 2024.5 - Unauthenticated Settings Update | mdempfle | Advanced iFrame | Medium | 5.3 | 2025-03-26 09:21:51 | Deep Dive |
| CVE-2025-1437 | Advanced iFrame <= 2025.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | mdempfle | Advanced iFrame | Medium | 6.4 | 2025-03-26 09:21:42 | Deep Dive |
| CVE-2025-1439 | Advanced iFrame <= 2024.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Host Header | mdempfle | Advanced iFrame | Medium | 6.4 | 2025-03-26 09:21:41 | Deep Dive |
| CVE-2025-27824 | Backdrop CMS 跨站脚本漏洞 | backdropcms | Link iframe formatter | Medium | 6.4 | 2025-03-07 00:00:00 | Deep Dive |
| CVE-2024-11335 | UltraEmbed – Advanced Iframe Plugin For WordPress with Gutenberg Block Included <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | ultradevs | UltraEmbed – Advanced Iframe Plugin For WordPress with Gutenberg Block Included | Medium | 6.4 | 2025-02-19 07:32:11 | Deep Dive |
| CVE-2024-12768 | Responsive iframe <= 1.2.0 - Contributor+ Stored XSS | Unknown | Responsive iframe | 中危 | - | 2025-02-01 06:00:03 | Deep Dive |
| CVE-2024-10151 | Auto iFrame < 2.0 - Contributor+ XSS via Shortcode | Unknown | Auto iFrame | 中危 | - | 2025-01-08 06:00:12 | Deep Dive |
| CVE-2025-22545 | WordPress iframe to embed plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability | sw.galati | iframe to embed | Medium | 6.5 | 2025-01-07 14:57:22 | Deep Dive |
| CVE-2024-9449 | Auto iFrame <= 1.7 - Authenticated (Author+) Stored Cross-Site Scripting via tag Parameter | gregross | Auto iFrame | Medium | 6.4 | 2024-10-09 06:44:38 | Deep Dive |
| CVE-2024-4365 | Advanced iFrame <= 2024.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | mdempfle | Advanced iFrame | Medium | 6.4 | 2024-05-23 16:30:52 | Deep Dive |
| CVE-2023-6844 | iframe <= 5.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode | webvitaly | iframe | Medium | 5.0 | 2024-05-23 01:56:19 | Deep Dive |