Embedpress
This hub aggregates every CVE we track for Embedpress, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
27
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM25HIGH2
Monthly trend
0
2
0
1
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Embedpress.
- CVE-2026-48872WordPress EmbedPress plugin <= 4.5.2 - Sensitive Data Exposure vulnerability7.5
- CVE-2024-11203EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'provider_name'6.4
- CVE-2024-38707WordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerability6.3
- CVE-2024-50461WordPress EmbedPress plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-43936WordPress EmbedPress plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-43328WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability8.3
- CVE-2023-51375WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability4.3
- CVE-2024-1565EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL6.4
- CVE-2024-31284WordPress EmbedPress plugin <= 3.9.8 - Broken Access Control vulnerability6.5
- CVE-2024-31274WordPress EmbedPress plugin <= 3.9.11 - Broken Access Control vulnerability5.3
- CVE-2024-5571EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget6.4
- CVE-2024-1803EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual4.3
- CVE-2024-4316EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter6.4
- CVE-2024-3244EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2024-3245EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block6.4
Product normalization is registry-driven with AI assist and human review. How it works