CVE-2025-23507

UNKNOWN 0.0

WordPress Blrt WP Embed plugin <= 1.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blrt Blrt WP Embed blrt-wp-embed allows Reflected XSS.This issue affects Blrt WP Embed: from n/a through <= 1.6.9.

CWE	CWE-79
Vendor	blrt
Product	blrt wp embed
Published	Jan 22, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for blrt blrt wp embed

Be the first to know when new unknown vulnerabilities affecting blrt blrt wp embed are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Blrt / Blrt WP Embed

0 ≤ 1.6.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/blrt-wp-embed/vulnerability/wordpress-blrt-wp-embed-plugin-1-6-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Le Ngoc Anh | Patchstack Bug Bounty Program