Wpdeveloper Embedpress
8 CVEs affecting Wpdeveloper Embedpress. Latest disclosed: 2026-06-15. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43328 | High | 8.3 | 2024-08-19 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This iss… |
CVE-2026-48872 | High | 7.5 | 2026-06-15 | Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions. |
CVE-2024-50461 | Medium | 6.5 | 2024-10-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper EmbedPress embedpress allows Stored XSS.This… |
CVE-2024-43936 | Medium | 6.5 | 2024-08-29 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issu… |
CVE-2024-31284 | Medium | 6.5 | 2024-06-09 | Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8. |
CVE-2024-38707 | Medium | 6.3 | 2024-11-01 | Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmbedP… |
CVE-2024-31274 | Medium | 5.3 | 2024-06-09 | Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11. |
CVE-2023-51375 | Medium | 4.3 | 2024-06-21 | Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3. |