CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-2964

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f
https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f

Products affected by CVE-2023-2964

Simple Iframe Project » Simple Iframe » Version: 1.0.0

cpe:2.3:a:simple_iframe_project:simple_iframe:1.0.0
Simple Iframe Project » Simple Iframe » Version: 1.0.1

cpe:2.3:a:simple_iframe_project:simple_iframe:1.0.1
Simple Iframe Project » Simple Iframe » Version: 1.1.0

cpe:2.3:a:simple_iframe_project:simple_iframe:1.1.0
Simple Iframe Project » Simple Iframe » Version: 1.1.1

cpe:2.3:a:simple_iframe_project:simple_iframe:1.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2964

Products

Pricing

Contact Us