3 matches found
CVE-2025-7966
creationtimestamp| type| source ---|---|--- 2025-07-24 09:38:23+00:00| seen| Telegram/0SwOtq3XZiizPgdj1FyVjQVnjhsSt6A3azetnNjlfBZzZno...
CVE-2025-7966 Get Youtube Subs <= 3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via subscribe_link_att Function
The Get Youtube Subs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘channel', 'layout', and 'subscount’ parameters in all versions up to, and including, 3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
WordPress Get Youtube Subs plugin <= 3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via subscribe_link_att Function vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via subscribelinkatt Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Get Youtube Subs versions = 3.5...