Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions.
References
Configurations
History
21 Nov 2024, 07:46
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
References | () https://patchstack.com/database/vulnerability/embed-any-document/wordpress-embed-any-document-embed-pdf-word-powerpoint-and-excel-files-plugin-2-7-1-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory |
27 Mar 2023, 17:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-23 17:15
Updated : 2024-11-21 07:46
NVD link : CVE-2023-23707
Mitre link : CVE-2023-23707
CVE.ORG link : CVE-2023-23707
JSON object : View
Products Affected
awsm
- embed_any_document