SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| google_doc_embedder_project | google_doc_embedder | * |
The google-document-embedder plugin before 2.6.1 for WordPress has XSS.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| google_doc_embedder_project | google_doc_embedder | * |
The google-document-embedder plugin before 2.6.2 for WordPress has XSS.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| google_doc_embedder_project | google_doc_embedder | * |
The google-document-embedder plugin before 2.6.2 for WordPress has CSRF.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| google_doc_embedder_project | google_doc_embedder | * |