Vulnerabilities > Wonderplugin > Wonder Video Embed > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-24540 | Cross-site Scripting vulnerability in Wonderplugin Wonder Video Embed The Wonder Video Embed WordPress plugin before 1.8 does not escape parameters of its wonderplugin_video shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks. | 3.5 |