7 matches found
CVE-2025-32183
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.8...
CVE-2025-32183
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.7.1...
CVE-2025-32183 WordPress Video Playlist For YouTube plugin <= 6.7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through = 6.7.1...
WordPress Playlist for Youtube plugin < 1.40 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Erdemstar in WordPress Plugin Playlist for Youtube versions 1.40...
CVE-2024-3937
The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-3937 Playlist for Youtube <= 1.32 - Editor+ Stored XSS
The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)
Exploit Title: Wordpress Plugin Playlist for Youtube - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.32 Proof Of Concept: 1. Click Add a new playlist and enter the XSS payload as below into the properties named "Name" or...