WordFence Identifies this Plugin as Vulnerable to Cross-Site Scripting
WordFence is saying this plugin needs to be patched for cross-site scripting vulnerability. Does anyone have a solution?
Plugin Name: Advanced iFrame Pro
Current Plugin Version: 2022.5
Details: To protect your site from this vulnerability, the safest option is to deactivate and completely remove “Advanced iFrame Pro” until a patched version is available. Get more information.(opens in new tab)
Repository URL: https://wordpress.org/plugins/advanced-iframe(opens in new tab)
Vulnerability Information: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24953(opens in new tab)
Please see the description. This is valid for versions before 2022! Right now this we are at 2022.5.
There this is also listed.
So if you have an older version then 2022 please simply update.