Vulnerabilities > Epiph

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-51694 Cross-site Scripting vulnerability in Epiph Embed Privacy
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0.
network
low complexity
epiph CWE-79
5.4
2023-11-20 CVE-2023-48300 Cross-site Scripting vulnerability in Epiph Embed Privacy
The `Embed Privacy` plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via `embed_privacy_opt_out` shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
epiph CWE-79
5.4
2023-04-20 CVE-2023-30616 Cross-Site Request Forgery (CSRF) vulnerability in Epiph Form Block
Form block is a wordpress plugin designed to make form creation easier.
network
low complexity
epiph CWE-352
6.5