WWBN AVideo: Unauthenticated Reflected XSS via $_GET['search'] in AVideo YouTubeAPI Gallery Pagination

Unauthenticated Reflected XSS via $GET'search' in AVideo YouTubeAPI Gallery Pagination Summary A reflected Cross-Site Scripting vulnerability CWE-79 in the AVideo YouTubeAPI plugin allows any unauthenticated attacker to execute arbitrary JavaScript in a victim's browser session when the victim...

CVE-2024-34377 WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery plugin <= 1.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in A WP Life Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery.This issue affects Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery: from n/a through 1.5.3...

PT-2024-25836 · Unknown · Video Gallery – Api Gallery

Name of the Vulnerable Software and Affected Versions: Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery versions 1.5.3 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the Video Gallery – Api Gallery, YouTube and Vimeo,...

WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery Plugin <= 1.5.3 is vulnerable to Broken Access Control

Software Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34377 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...