CVE-2023-2964

Name of the Vulnerable Software and Affected Versions Simple Iframe WordPress plugin versions prior to 1.2.0

Description The issue arises from improper validation of a WordPress block attribute's content, potentially allowing users with a role of at least contributor to conduct Stored Cross-Site Scripting attacks.

Recommendations For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Simple Iframe WordPress plugin until a patch is applied.