9 matches found
EUVD-2025-22497
Malicious code in bioql PyPI...
WordPress Voltax Video Player Cross-Site Scripting Vulnerability
WordPress Voltax Video Player is a video plugin for the WordPress platform, developed by Minute Media, which is mainly used to embed videos and playlists from Minute Media's online video platform into WordPress websites. WordPress Voltax Video Player suffers from a cross-site scripting...
CVE-2025-6539
The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-6539
The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-6539
CVE-2025-6539 concerns the WordPress plugin Voltax Video Player (versions up to 1.6.5). The vulnerability is a Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor level or higher, en...
CVE-2025-6539 Voltax Video Player <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-6539 Voltax Video Player <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
PT-2025-30651 · WordPress · Voltax Video Player
Name of the Vulnerable Software and Affected Versions: Voltax Video Player versions prior to 1.6.6 Description: The Voltax Video Player plugin for WordPress is susceptible to Stored Cross-Site Scripting through the id parameter. Insufficient input sanitization and output escaping allow...
WordPress plugin Voltax Video Player 跨站脚本漏洞
WordPress Voltax Video Player is a video plugin for the WordPress platform, developed by Minute Media, which is mainly used to embed videos and playlists from Minute Media's online video platform into WordPress websites. WordPress Voltax Video Player suffers from a cross-site scripting...