2 matches found
CVE-2025-58843 WordPress Auto Last Youtube Video Plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in David Merinas Auto Last Youtube Video auto-last-youtube-video allows Stored XSS.This issue affects Auto Last Youtube Video: from n/a through = 1.0.7...
PT-2025-36182
Name of the Vulnerable Software and Affected Versions: David Merinas Auto Last Youtube Video versions n/a through 1.0.7 Description: A Cross-Site Request Forgery CSRF vulnerability exists in David Merinas Auto Last Youtube Video, which also allows Stored Cross-Site Scripting XSS. Recommendations:...