Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-22497

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00291EPSS
Exploits0References2
CNVD
CNVD
added 2025/07/30 12:0 a.m.4 views

WordPress Voltax Video Player Cross-Site Scripting Vulnerability

WordPress Voltax Video Player is a video plugin for the WordPress platform, developed by Minute Media, which is mainly used to embed videos and playlists from Minute Media's online video platform into WordPress websites. WordPress Voltax Video Player suffers from a cross-site scripting...

6.4CVSS6.3AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/26 9:34 a.m.12 views

CVE-2025-6539

The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

6.4CVSS6AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2025/07/24 10:15 a.m.4 views

CVE-2025-6539

The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

6.4CVSS0.00291EPSS
Exploits0References2
CVE
CVE
added 2025/07/24 9:22 a.m.23 views

CVE-2025-6539

CVE-2025-6539 concerns the WordPress plugin Voltax Video Player (versions up to 1.6.5). The vulnerability is a Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor level or higher, en...

6.4CVSS5.5AI score0.00291EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/24 9:22 a.m.4 views

CVE-2025-6539 Voltax Video Player <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

6.4CVSS5.6AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/24 9:22 a.m.7 views

CVE-2025-6539 Voltax Video Player <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The Voltax Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

6.4CVSS0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/24 12:0 a.m.1 views

PT-2025-30651 · WordPress · Voltax Video Player

Name of the Vulnerable Software and Affected Versions: Voltax Video Player versions prior to 1.6.6 Description: The Voltax Video Player plugin for WordPress is susceptible to Stored Cross-Site Scripting through the id parameter. Insufficient input sanitization and output escaping allow...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.3 views

WordPress plugin Voltax Video Player 跨站脚本漏洞

WordPress Voltax Video Player is a video plugin for the WordPress platform, developed by Minute Media, which is mainly used to embed videos and playlists from Minute Media's online video platform into WordPress websites. WordPress Voltax Video Player suffers from a cross-site scripting...

6.4CVSS6.2AI score0.00291EPSS
Exploits0References2
Rows per page
Query Builder