95 matches found
CVE-2025-22554 WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eric Franklin Video Embed Optimizer allows Stored XSS.This issue affects Video Embed Optimizer: from n/a through 1.0.0...
CVE-2025-22554 WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fdfranklin06 Video Embed Optimizer video-embed-optimizer allows Stored XSS.This issue affects Video Embed Optimizer: from n/a through = 1.0.0...
CVE-2025-22554
CVE-2025-22554 is a Stored XSS vulnerability in Video Embed Optimizer (WordPress plugin) affecting versions up to 1.0.0. The issue arises from improper neutralization of input during web page generation. Exploitation details are not publicly provided in the documents beyond the stored XSS charact...
WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Video Embed Optimizer versions = 1.0.0...
WordPress plugin Video Embed Optimizer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-11883
The Connatix Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cnxscriptcode' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11883 Connatix Video Embed <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Connatix Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cnxscriptcode' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11883
CVE-2024-11883 affects the Connatix Video Embed WordPress plugin. The vulnerability is a Stored XSS via the plugin shortcode cnx_script_code in versions up to and including 1.0.5, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires at l...
CVE-2024-11883 Connatix Video Embed <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Connatix Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cnxscriptcode' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin Connatix Video Embed 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Connatix Video Embed plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Connatix Video Embed versions = 1.0.5...
CVE-2024-7599
The Advanced Sermons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sermonvideoembed’ parameter in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Advanced Sermons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
WordPress Responsive video embed plugin < 0.5.1 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Felipe Caon in WordPress Plugin Responsive video embed versions 0.5.1...
WordPress plugin Responsive video embed security vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Custom Field Suite plugin is a custom field adding plugin used in it.Media Library...
WordPress Responsive video embed Plugin < 0.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Responsive video embed Type Plugin Vulnerable versions 0.5.1 Fixed in 0.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5475 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 325ee9be976d Credits Felipe Caon Require...
PT-2024-36413 · WordPress · Responsive Video Embed
Name of the Vulnerable Software and Affected Versions: Responsive video embed WordPress plugin versions prior to 0.5.1 Description: The issue is related to the lack of validation and escaping of some shortcode attributes in the Responsive video embed WordPress plugin. This could allow users with...
Responsive video embed < 0.5.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC As a contributor, create a...
CVE-2024-1571
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with access to the recipe...
CVE-2024-1571
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with access to the recipe...