29 matches found
EUVD-2025-21600
Malicious code in bioql PyPI...
EUVD-2022-43271
Malicious code in bioql PyPI...
EUVD-2023-56389
Malicious code in bioql PyPI...
WordPress Easy Video Player Wordpress & WooCommerce Path Traversal Vulnerability
WordPress Easy Video Player Wordpress&WooCommerce is a responsive video player plugin designed for WordPress and WooCommerce, supporting local video playback, cloud platform video streaming, 360 degree video and virtual reality playback. WordPress Easy Video Player Wordpress&WooCommerce suffers...
CVE-2025-28955
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through = 10.0...
CVE-2025-28955
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through = 10.0...
CVE-2025-28955
CVE-2025-28955: Path Traversal in FWDesign Easy Video Player Wordpress & WooCommerce (affected: plugin versions through 10.0). Root cause: Improper limitation of a pathname to a restricted directory, enabling reading arbitrary files outside the application. CVSS v3.1 base score 7.5 (Network attac...
CVE-2025-28955 WordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through = 10.0...
CVE-2025-28955 WordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through = 10.0...
WordPress plugin Easy Video Player Wordpress & WooCommerce 路径遍历漏洞
WordPress Easy Video Player Wordpress&WooCommerce is a responsive video player plugin designed for WordPress and WooCommerce, supporting local video playback, cloud platform video streaming, 360 degree video and virtual reality playback. WordPress Easy Video Player Wordpress&WooCommerce suffers...
WordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download Vulnerability
Arbitrary File Download Vulnerability discovered by 0xd4rk5id3 in WordPress Theme Easy Video Player Wordpress & WooCommerce versions = 10.0...
CVE-2023-51689
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10...
CVE-2022-3937
The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
CVE-2023-51689
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10...
CVE-2023-51689
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10...
CVE-2023-51689
CVE-2023-51689 affects the WordPress plugin Easy Video Player (naa986) up to version 1.2.2.10 with a Stored XSS vulnerability arising from improper input neutralization during web page generation. Public details identify the vulnerable component as the Easy Video Player plugin and the impact as s...
CVE-2023-51689 WordPress Easy Video Player Plugin <= 1.2.2.10 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10...
WordPress plugin Easy Video Player cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Easy Video Player < 1.2.2.11 - Contributor+ Stored XSS
Description The plugin does not validate and escape the ratiocode attribute of its evpembedvideo shortcode before outputting it back in a page where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...