Known Vulnerabilities
CVE-2024-43936
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.8.
MEDIUM
CVSS 6.5
Published Aug 29, 2024
CVE-2024-43328
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9.
HIGH
CVSS 8.3
Published Aug 19, 2024