Mdempfle Advanced Iframe

11 CVEs affecting Mdempfle Advanced Iframe. Latest disclosed: 2026-07-08. Critical: 0, High: 0.

Top CVEs affecting Mdempfle Advanced Iframe
CVESeverityScorePublishedSummary
CVE-2026-25453Medium6.52026-02-19Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based…
CVE-2026-6742Medium6.42026-07-08The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in all versions up to, and including, 2026…
CVE-2025-6987Medium6.42025-07-26The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and i…
CVE-2025-1439Medium6.42025-03-26The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and i…
CVE-2025-1437Medium6.42025-03-26The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and i…
CVE-2024-4365Medium6.42024-05-23The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘add_iframe_url_as_param_direct’ parameter in versions up to, and…
CVE-2023-7069Medium6.42024-02-01The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and i…
CVE-2023-4775Medium6.42023-11-13The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'advanced_iframe' shortcode in versions up to, and including, 202…
CVE-2025-8089Medium5.42025-08-16The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6…
CVE-2025-1440Medium5.32025-03-26The Advanced iFrame plugin for WordPress is vulnerable to unauthorized excessive creation of options on the aip_map_url_callback() function in all versions up…
CVE-2024-1341Medium4.92024-02-29The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's advanced_iframe shortcode in all versions up to, and inc…