WordPress Plugin Vulnerabilities

Google Doc Embedder <= 2.5.18 - Cross-Site Scripting (XSS)

Description

The Google Doc Embedder WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
google-document-embedder
Fixed in 2.5.19

References

CVE
CVE-2015-1879
URL
https://packetstormsecurity.com/files/#130309/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
d165fc2c-4038-4aaf-ba42-e437fbed454d

Timeline

Publicly Published
2015-02-22 (about 11 years ago)
Added
2015-02-11 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2026-02-17
Title
YayMail < 4.3.3 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via Template Elements
Published
2024-03-25
Title
Jetpack < 13.2.1 - Contributor+ Stored XSS
Published
2025-09-07
Title
Toast Mobile Menu < 1.0.9 - Unauthenticated Stored Cross-Site Scripting
Published
2025-01-07
Title
KNR Author List Widget <= 3.1.1 - Reflected Cross-Site Scripting
Published
2025-12-05
Title
RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes