Advanced iFrame

Vulnerabilities 14Slug advanced-iframeLatest version 2026.1WordPress.org →

Minimum safe version

2026.0

Update to 2026.0 or later to address 13 fixable vulnerabilities

Latest available2026.1 ✓⚠ 1 vulnerability has no fix

Medium 6.5

2026-02-19< 2026.0

CVE-2026-25453

CVE Wordfence

N/A Unfixed

2026-02-19≤ 2025.10

CVE-2026-25412

CVE

Medium 5.4

2025-08-16< 2025.7

Advanced iFrame <= 2025.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.4

2025-07-26< 2025.6

Advanced iFrame <= 2025.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.4

2025-03-26< 2025.0

Advanced iFrame <= 2025.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.4

2025-03-26< 2025.0

Advanced iFrame <= 2024.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Host Header

EUVD Wordfence CVE

Medium 5.3

2025-03-26< 2025.0

WordPress Advanced iFrame Plugin <= 2024.5 is vulnerable to Broken Access Control

EUVD Patchstack Wordfence CVE

Medium 6.4

2024-05-24< 2024.4

WordPress Advanced iFrame Plugin <= 2024.3 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence

Medium 6.5

2024-04-15< 2024.3

CVE-2024-32079

CVE Wordfence Patchstack

Medium 5.4

2024-02-29< 2024.2

CVE-2024-1341

CVE Wordfence Patchstack WPScan

Medium 6.5

2024-02-05< 2024.0

CVE-2024-24870

CVE Patchstack

Medium 5.4

2024-02-01< 2024.0

CVE-2023-7069

CVE Wordfence Patchstack WPScan

Medium 6.5

2024-12-27< 2023.9

WordPress Advanced iFrame Plugin <= 2023.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE

Medium 5.4

2024-12-13< 2023.9

WordPress Advanced iFrame Plugin <= 2023.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan