CVE-2023-2964
Simple Iframe < 1.2.0 - Contributor+ Stored XSS
The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
Unknown · Simple IframeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →