16 matches found
CVE-2025-12002
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...
CVE-2025-12002
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...
CVE-2025-12002
CVE-2025-12002 affects the Feeds for YouTube Pro WordPress plugin (
CVE-2025-12002 Feeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbitrary File Read via Path Traversal
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...
CVE-2025-12002 Feeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbitrary File Read via Path Traversal
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...
CVE-2025-12002
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...
WordPress Plugin Feeds for YouTube Pro has a path traversal vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-3336
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sby check wp submit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it...
CVE-2023-25475
Cross-Site Request Forgery CSRF vulnerability in Vladimir Prelovac Smart YouTube PRO plugin = 4.3 versions...
EUVD-2023-29430
Malicious code in bioql PyPI...
CVE-2023-25475
Cross-Site Request Forgery CSRF vulnerability in Vladimir Prelovac Smart YouTube PRO plugin = 4.3 versions...
CVE-2023-25475
Cross-Site Request Forgery CSRF vulnerability in Vladimir Prelovac Smart YouTube PRO plugin = 4.3 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Vladimir Prelovac Smart YouTube PRO plugin = 4.3 versions...
CVE-2023-25475
CVE-2023-25475 : CSRF vulnerability in the WordPress plugin Smart YouTube PRO (Vladimir Prelovac) affecting versions
WordPress Plugin Smart YouTube PRO 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Smart YouTube PRO Plugin <= 4.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Smart YouTube PRO Type Plugin Vulnerable versions = 4.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25475 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 73f3aad1c009 Credits Mika Required privile...