Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/25 9:16 a.m.10 views

CVE-2025-14906

The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...

4.3CVSS5.5AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2026/01/24 8:16 a.m.7 views

CVE-2025-14906

The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...

4.3CVSS0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/24 7:26 a.m.3 views

CVE-2025-14906 WP Youtube Video Gallery <= 1.0 - Cross-Site Request Forgery to Plugin Settings Update

The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...

4.3CVSS5.8AI score0.00132EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/01/24 12:49 a.m.9 views

WordPress WP Youtube Video Gallery plugin <= 1.0 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin WP Youtube Video Gallery versions = 1.0...

4.3CVSS5.5AI score0.00132EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/24 12:0 a.m.7 views

PT-2026-4573

The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...

4.3CVSS5.5AI score0.00132EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.7 views

WordPress plugin WP YouTube Video Gallery cross-site request forgeing vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.7AI score0.00132EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31859

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00326EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-45129

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:55 a.m.12 views

CVE-2024-3268

The YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the emdformbuilderlitesubmitform function in all versions up to, and including, 3.3.6. This makes it...

5.3CVSS6.7AI score0.00326EPSS
Exploits0References1
CVE
CVE
added 2024/05/21 11:33 a.m.69 views

CVE-2024-3268

CVE-2024-3268 : The WordPress plugin “YouTube Video Gallery by YouTube Showcase – Video Gallery” is vulnerable to unauthorized modification of data due to a missing capability check in emd_form_builder_lite_submit_form. The issue affects all versions up to 3.3.6, enabling unauthenticated attacker...

5.3CVSS5.6AI score0.00326EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/21 11:33 a.m.15 views

CVE-2024-3268 YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page Creation

The YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the emdformbuilderlitesubmitform function in all versions up to, and including, 3.3.6. This makes it...

5.3CVSS6.8AI score0.00326EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.5 views

PT-2024-24765 · WordPress · The Youtube Video Gallery By Youtube Showcase

Name of the Vulnerable Software and Affected Versions: The YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress versions up to, and including, 3.3.6 Description: The issue allows unauthorized modification of data due to a missing capability check on the emd form builder...

5.3CVSS7AI score0.00326EPSS
Exploits0References7
OSV
OSV
added 2023/10/03 2:15 p.m.3 views

CVE-2023-40558

Cross-Site Request Forgery CSRF vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin = 3.3.5 versions...

8.8CVSS7.3AI score0.00208EPSS
Exploits0References1
Prion
Prion
added 2023/10/03 2:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin = 3.3.5 versions...

6.8CVSS8.8AI score0.00208EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/03 1:29 p.m.51 views

CVE-2023-40558

CVE-2023-40558 : CSRF in the WordPress plugin “eMarket Design YouTube Video Gallery by YouTube Showcase” ( 3.3.5, with Patchstack noting fixed in 3.3.6. Other sources corroborate vulnerability details and patch guidance. If not upgrading, consider monitoring and applying vendor patch in a timely ...

8.8CVSS7.1AI score0.00208EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.3 views

WordPress Plugin YouTube Video Gallery by YouTube Showcase - Video Gallery Plugin for WordPress Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin YouTube Video Gallery...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/03 12:0 a.m.5 views

PT-2023-27510 · Unknown · Emarket Design Youtube Video Gallery

Name of the Vulnerable Software and Affected Versions: eMarket Design YouTube Video Gallery by YouTube Showcase plugin versions = 3.3.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web...

8.8CVSS8.8AI score0.00208EPSS
Exploits0References5
Rows per page
Query Builder