CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Cvelist•added 2026/04/15 3:55 p.m.•12 views

CVE-2025-15636 WordPress YouTube Showcase plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in emarket-design YouTube Showcase youtube-showcase allows Stored XSS.This issue affects YouTube Showcase: from n/a through = 3.5.1...

6.5CVSS0.00156EPSS

Exploits0References1

Cvelist•added 2026/01/17 2:22 a.m.•28 views

CVE-2025-12002 Feeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbitrary File Read via Path Traversal

The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...

5.9CVSS0.00384EPSS

Exploits0References7

Vulnrichment•added 2025/12/24 1:10 p.m.•1 views

CVE-2025-68599 WordPress YouTube Embed plugin <= 5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Embeds For YouTube Plugin Support YouTube Embed youtube-embed allows Stored XSS.This issue affects YouTube Embed: from n/a through = 5.4...

6.5CVSS5.6AI score0.0013EPSS

Exploits0References1

Patchstack•added 2025/11/25 12:7 a.m.•5 views

WordPress YouTube Subscribe plugin <= 3.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Title and Channel ID vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via Title and Channel ID vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin YouTube Subscribe versions = 3.0.0...

4.4CVSS5.8AI score0.0019EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/11/21 12:29 p.m.•2 views

CVE-2025-66062 WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

3.4CVSS6.5AI score0.00169EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•8 views

CVE-2025-53563 WordPress Youtube Vimeo Video Player and Slider <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Youtube Vimeo Video Player and Slider videoplayeryoutubevimeo allows Reflected XSS.This issue affects Youtube Vimeo Video Player and Slider: from n/a through = 3.8...

7.1CVSS0.00226EPSS

Exploits0References1

CVE•added 2025/06/27 1:21 p.m.•15 views

CVE-2025-53261

CVE-2025-53261 affects WordPress plugin WP YouTube Live (macbookandrew). Vulnerability type: Cross-Site Request Forgery (CSRF). Affected versions:

4.3CVSS5.9AI score0.0014EPSS

Exploits0References1

Cvelist•added 2025/04/09 4:10 p.m.•14 views

CVE-2025-31008 WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability

5.9CVSS0.0033EPSS

Exploits0References1

Vulnrichment•added 2025/04/09 4:10 p.m.•5 views

CVE-2025-31008 WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability

5.9CVSS7.2AI score0.0033EPSS

Exploits0References1

Patchstack•added 2023/01/19 12:0 a.m.•7 views

WordPress Youtube shortcode Plugin <= 1.8.5 is vulnerable to Cross Site Scripting (XSS)

Software Youtube shortcode Type Plugin Vulnerable versions = 1.8.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23687 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c5d93f87872c Credits István Márton Required...

6.5CVSS6AI score0.00393EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/01/11 12:0 a.m.•15 views

WordPress YouTube Channel Plugin < 3.23.0 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Channel Type Plugin Vulnerable versions 3.23.0 Fixed in 3.23.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4756 Patch priority Medium CVSS severity Medium 6.3 Developer Aleksandar Urošević PSID 3866f6e0ecf5 Credits Lana Codes...

5.4CVSS5.9AI score0.00605EPSS

Exploits1References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by