4 matches found
CVE-2026-56006 WordPress H5P plugin <= 1.17.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in H5P = 1.17.6 versions...
WordPress H5P plugin missing authorization vulnerability
WordPress H5P plugin is an open source plugin that allows users to create, manage and embed interactive multimedia content in WordPress websites. A lack of authorization vulnerability exists in WordPress H5P plugin, which can be exploited by an attacker to cause the exploitation of misconfigured...
CVE-2025-68505 WordPress H5P plugin <= 1.16.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through = 1.16.1...
CVE-2025-62951 WordPress H5P plugin <= 1.16.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icc0rz H5P h5p allows Stored XSS.This issue affects H5P: from n/a through = 1.16.0...