2 matches found
CVE-2025-58192
CVE-2025-58192 affects the WordPress plugin “WP Bulk Delete” (Xylus Themes WP Bulk Delete) up to version 1.3.6. Description: missing/incorrect authorization allows bypass of access control, enabling actions that should be restricted. Impact per sources ranges from MEDIUM (CVSS 3.1 base 5.4) to lo...
PT-2024-17259 · WordPress · Streamweasels Youtube Integration
Name of the Vulnerable Software and Affected Versions: StreamWeasels YouTube Integration plugin for WordPress versions up to, and including, 1.3.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'sw-youtube-embed' shortcode due to insufficient input sanitization...