Wpdeveloper Embedpress — known CVE vulnerabilities
Every CVE whose affected-product data names Wpdeveloper Embedpress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2024-43328 — CVSS 8.3 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local…
CVE-2024-31284 — CVSS 6.5 (medium): Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8.
CVE-2024-50461 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper EmbedPress embedpress…
CVE-2024-43936 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows…
CVE-2024-1349 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for…
CVE-2024-1425 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for…
CVE-2024-1565 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for…
CVE-2024-1802 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-5571 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2023-4283 — CVSS 6.4 (medium): The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpress_calendar' shortcode in versions up to…
CVE-2023-6986 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for…
CVE-2024-11203 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block…
CVE-2024-2128 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-2468 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-3244 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-3245 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-4316 — CVSS 6.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-38707 — CVSS 6.3 (medium): Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2023-5750 — CVSS 6.1 (medium): The EmbedPress WordPress plugin before 3.9.2 does not sanitise and escape a parameter before outputting it back in the page containing a…
CVE-2023-5749 — CVSS 6.1 (medium): The EmbedPress WordPress plugin before 3.9.2 does not sanitise and escape user input before outputting it back in the page, leading to a…
CVE-2023-4282 — CVSS 5.4 (medium): The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove'…
CVE-2024-2688 — CVSS 5.4 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2024-31274 — CVSS 5.3 (medium): Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11.
CVE-2023-3371 — CVSS 5.3 (medium): The EmbedPress plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the…
CVE-2024-1803 — CVSS 4.3 (medium): The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor…
CVE-2023-51375 — CVSS 4.3 (medium): Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3.