10 matches found
WordPress Video Merchant Cross-Site Request Forgery Vulnerability
WordPress Video Merchant is a once-existing WordPress plugin that is mainly used for managing and displaying video content. WordPress Video Merchant suffers from a cross-site request forgery vulnerability that stems from missing or incorrect random number validation, which can be exploited by an...
CVE-2025-14390
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
CVE-2025-14390
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
CVE-2025-14390 Video Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
CVE-2025-14390
Summary: The WordPress Video Merchant plugin (versions
CVE-2025-14390 Video Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
EUVD-2025-202401
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
WordPress Video Merchant plugin <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability
Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Ala Arfaoui in WordPress Plugin Video Merchant versions = 5.0.4...
PT-2025-50316
Name of the Vulnerable Software and Affected Versions Video Merchant plugin for WordPress versions 5.0.4 and earlier Description The Video Merchant plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is due to inadequate nonce validation within the video merchant add vide...
WordPress plugin Video Merchant 代码问题漏洞
WordPress Video Merchant is a once-existing WordPress plugin that is mainly used for managing and displaying video content. WordPress Video Merchant suffers from a cross-site request forgery vulnerability that stems from missing or incorrect random number validation, which can be exploited by an...