Davidartiss

davidartiss

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Code Embed

code_embed

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-8804 1Davidartiss 1Code Embed Oct 10, 2024 Oct 4, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions on who can utilize t...Show more The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions on who can utilize the functionality. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2023-49837 1Davidartiss 1Code Embed Apr 28, 2026 Mar 21, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects Code Embed: from n/a through 2.3.6.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-8804

1Davidartiss

1Code Embed

Oct 10, 2024

Oct 4, 2024

N/A· v4

5.4 MEDIUM· v3

N/A· v2

The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions on who can utilize the functionality. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less

CVE-2023-49837

1Davidartiss

1Code Embed

Apr 28, 2026

Mar 21, 2024

N/A· v4

6.5 MEDIUM· v3

N/A· v2

Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects Code Embed: from n/a through 2.3.6.