Lucene search
K

837 matches found

Cvelist
Cvelist
added 2026/01/22 4:52 p.m.22 views

CVE-2025-69053 WordPress Universal Video Player plugin <= 3.8.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.9 views

CVE-2025-69048

CVE-2025-69048 — WordPress Universal Video Player (LambertGroup) (versions ≤ 3.8.4) : The issue is a Reflected XSS caused by improper input neutralization during web page generation. Public entries (NVD/Red Hat/CVE List) confirm the vulnerability and affected range. Exploitation status is not det...

7.1CVSS5.4AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.4 views

CVE-2025-69048 WordPress Universal Video Player plugin <= 3.8.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.4 views

CVE-2025-69048

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

7.1CVSS5.2AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.20 views

CVE-2025-69048 WordPress Universal Video Player plugin <= 3.8.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

7.1CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.3 views

CVE-2025-32123 WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...

7.1CVSS5.9AI score0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.10 views

CVE-2025-32123

CVE-2025-32123 describes a Reflected XSS in the WordPress plugin HTML5 Video Player with Playlist & Multiple Skins (lbg-vp2-html5-rightside) , affecting versions up to and including 5.3.5. The issue stems from improper input neutralization during web page generation, enabling script injection via...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.4 views

CVE-2025-32123

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...

6.1CVSS5.3AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.22 views

CVE-2025-32123 WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...

7.1CVSS0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.23 views

CVE-2025-27005 WordPress HTML5 Video Player plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...

7.1CVSS0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress plugin Universal Video Player has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-3958

Name of the Vulnerable Software and Affected Versions LambertGroup HTML5 Video Player versions through 5.3.5 Description A Reflected Cross-site Scripting XSS issue exists in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom due to improper neutralization of input during web page generation. Th...

5.8AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.14 views

PT-2026-4136

Name of the Vulnerable Software and Affected Versions LambertGroup Universal Video Player versions through 3.8.4 Description The Universal Video Player software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting XSS. This...

5.3AI score0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress plugin Universal Video Player has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

WordPress Plugin HTML5 Video Player Cross-Site Script Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

7.1CVSS5.7AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.11 views

PT-2026-4141

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

5.4AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

VLC < 3.0.22 Multiple Vulnerabilities

The version of VLC media player installed on the remote host is prior to 3.0.22. It is, therefore, affected by multiple vulnerabilities. If successful, a malicious third party could trigger a crash of VLC Denial of service. While these issues in themselves are most likely to just crash the...

4.8CVSS6AI score0.00368EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.20 views

CVE-2023-25066

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

8.8CVSS7.1AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.7 views

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

5.5CVSS6.7AI score0.00157EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/08 1:13 p.m.8 views

WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player with Playlist & Multiple Skins versions = 5.3.5...

6.1CVSS6.1AI score0.00263EPSS
Exploits0Affected Software1
Rows per page
Query Builder