Security Advisory

CVE-2023-2964

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-10 12:40:29

Last updated 2025-04-23 16:20:46

Assigner WPScan

State PUBLISHED

Description

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attributes content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.

← Browse all CVEs View on cve.org ↗