21 matches found
CVE-2023-25464
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2025-68565
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
EUVD-2025-205270
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
CVE-2025-68565
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
CVE-2025-68565 WordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
CVE-2025-68565 WordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
CVE-2025-68565
CVE-2025-68565 involves a Missing Authorization flaw in the Twitch Player WordPress plugin (ttv-easy-embed-player). The Wordfence report lists Twitch Player as affected, specifying vulnerability class as Missing Authorization and referencing the plugin’s Twitch Player entry, with affected range i...
PT-2025-53253
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through = 2.1.3...
WordPress plugin Twitch Player 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Twitch Player versions = 2.1.3...
EUVD-2023-29419
Malicious code in bioql PyPI...
CVE-2023-25464
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2023-25464
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2023-25464 WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2023-25464
CVE-2023-25464 affects the WordPress Twitch Player plugin (StreamWeasels)
CVE-2023-25464 WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
PT-2023-20082 · Unknown · Streamweasels Twitch Player
Name of the Vulnerable Software and Affected Versions: StreamWeasels Twitch Player plugin versions = 2.1.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions = 2.1.0, at the moment...
WordPress Plugin Twitch Player 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Twitch Player < 2.1.1 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...