CVE-2023-50824 MEDIUM

CVE-2023-50824: WordPress Insert or Embed Articulate Content into WordPress Plugin <= 4.3000000021 is vulnerable to Cross Site Scripting (XSS)

Vendor Brian Batt
Product Insert or Embed Articulate Content into WordPress
Weakness CWE-79 · XSS
Published December 21, 2023
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Batt Insert or Embed Articulate Content into WordPress allows Stored XSS.This issue affects Insert or Embed Articulate Content into WordPress: from n/a through 4.3000000021.

Key dates

02Disclosure timeline

December 21, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-40968 WordPress 2kb Amazon Affiliates Store Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS) CVE-2023-47532 WordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) CVE-2025-30771 WordPress WP Cassify plugin <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability CVE-2025-40899 Stored Cross-Site Scripting (XSS) in Assets and Nodes in Guardian/CMC before 26.0.0 CVE-2022-38206 Reflected XSS vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only)