Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/04/06 5:4 p.m.21 views

CVE-2025-32183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.8...

6.5CVSS7.3AI score0.00367EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.7 views

CVE-2025-32183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.7.1...

6.5CVSS0.00367EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:58 p.m.21 views

CVE-2025-32183 WordPress Video Playlist For YouTube plugin <= 6.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.7.1...

6.5CVSS0.00367EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/29 8:11 a.m.5 views

WordPress Playlist for Youtube plugin < 1.40 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Erdemstar in WordPress Plugin Playlist for Youtube versions 1.40...

4.8CVSS6.1AI score0.00332EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/05/29 6:18 a.m.5 views

CVE-2024-3937

The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00332EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/05/29 6:0 a.m.21 views

CVE-2024-3937 Playlist for Youtube <= 1.32 - Editor+ Stored XSS

The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00332EPSS
Exploits2References1
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.249 views

Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Playlist for Youtube - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.32 Proof Of Concept: 1. Click Add a new playlist and enter the XSS payload as below into the properties named "Name" or...

7.4AI score
Exploits0
Rows per page
Query Builder