Vulnerabilities > CVE-2023-2964 - Unspecified vulnerability in Simple Iframe Project Simple Iframe

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

simple-iframe-project

NVD

Published: 2023-07-10

Updated: 2024-11-21

Summary

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.

Vulnerable Configurations

Part	Description	Count
Application	Simple_Iframe_Project Simple Iframe Project Simple Iframe 1.0.0 Simple Iframe Project Simple Iframe 1.0.1 Simple Iframe Project Simple Iframe 1.1.0 Simple Iframe Project Simple Iframe 1.1.1	4

References

https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f
https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f