Cross-site Scripting (XSS)

starcitizenwiki/embedvideo is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper restriction of HTML attributes in the video embedding functionality, which allows an attacker to inject and execute arbitrary web scripts through crafted wikitext...

PT-2025-39387

Name of the Vulnerable Software and Affected Versions EmbedVideo Extension versions prior to 4.0.0 Description The EmbedVideo Extension for MediaWiki, which includes a parser function called ev and parser tags for embedding video clips, contains a flaw. Versions 4.0.0 and earlier permit the...

WordPress Embed Video Thumbnail Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Embed Video Thumbnail Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8566e0ea18cd Credits Rafie Muhammad Patchstack...

Embed Video Scripts Cross Site Scripting

Exploit Title: Embed Video Scripts - Cross-site Script stored Google Dork: N/A Date: 1 Jan 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me POC Video: https://youtu.be/2CFJLwkxpT8 Vendor Homepage: https://codeawesome.in/embed/ Software Link:...