10 matches found
CVE-2025-7732
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
CVE-2025-7732
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
CVE-2025-7732 Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
CVE-2025-7732
CVE-2025-7732: The WordPress plugin Lazy Load for Videos (
WordPress plugin Lazy Load for Videos 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-34821 · WordPress · Lazy Load For Videos
Name of the Vulnerable Software and Affected Versions: Lazy Load for Videos plugin for WordPress versions through 2.18.7 Description: The Lazy Load for Videos plugin for WordPress is susceptible to Stored Cross-Site Scripting through its lazy-loading handlers. Insufficient input sanitization and...
WordPress Lazy load videos and sticky control plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Lazy load videos and sticky control versions = 3.0.0...
CVE-2024-11428
The CVE CVE-2024-11428 describes a Stored Cross-Site Scripting (XSS) in the WordPress plugin “Lazy load videos and sticky control” (shortcode: lazy-load-videos-and-sticky-control) affecting all versions up to and including 3.0.0. The root cause is insufficient input sanitization and output escapi...
WordPress plugin Lazy load videos and sticky control 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in th...
CVE-2023-45656
Cross-Site Request Forgery CSRF vulnerability in Kevin Weber Lazy Load for Videos plugin = 2.18.2 versions...