EmbedPress < 3.9.2 – Reflected XSS | CVE 2023-5750 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape a parameter before outputting it back in the page containing a specific content, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Proof of Concept

On a post/page where containing the following output (which can be as txt in the post content): "id":""customThumbnail":"", make a logged in admin open the URL below:

https://example.com/related-page-post/?hash=*(?:'><svg%20onload=alert(`XSS`)>)*

Affects Plugins

Fixed in 3.9.2

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Erwan LR (WPScan)

Submitter

Erwan LR (WPScan)

Verified

Yes

WPVDB ID

cf323f72-8374-40fe-9e2e-810e46de1ec8

Timeline

Publicly Published

2023-11-20 (about 2 years ago)

Added

2023-11-20 (about 2 years ago)

Last Updated

2023-11-20 (about 2 years ago)

Other

Published

Title

Published

2025-08-02

Title

UpStore < 1.7.1 - Reflected Cross-Site Scripting

Published

2025-10-21

Title

Cinza Grid < 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Skin Content Field

Published

2024-04-17

Title

Salient Shortcodes < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Published

2024-02-27

Title

Jeg Elementor Kit < 2.6.3 - Contributor+ Stored Cross-Site Scripting

Published

2025-03-24

Title

Teleport <= 1.2.4 - Reflected Cross-Site Scripting