Medium 4.3
2026-04-16< 1.8.6
CVE-2026-40729
3D Viewer – Display Interactive 3D Models
Minimum safe version
1.8.6
Update to 1.8.6 or later to address 6 fixable vulnerabilities
Latest available1.8.6 ✓
Medium 6.3
2024-10-16< 1.2.7
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2023-07-18< 1.3.4
WordPress 3D viewer – Embed 3D Models Plugin < 1.3.4 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-03-04< 1.2.7
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 1.2.7
WordPress 3D viewer – Embed 3D Models plugin <= 1.2.6 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 1.2.7
WordPress 3D viewer – Embed 3D Models plugin <= 1.2.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability