22 matches found
CVE-2026-10092
The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all versions up to, and including, 1.163 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
CVE-2026-10092 Cincopa video and media plug-in <= 1.163 - Unauthenticated Stored Cross-Site Scripting via cincopa Shortcode in Post Comments
The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all versions up to, and including, 1.163 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
EUVD-2026-38662
The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all versions up to, and including, 1.163 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
CVE-2026-10092
The Cincopa video and media plugin for WordPress (versions up to 1.163) is vulnerable to unauthenticated Stored Cross-Site Scripting via the cincopa shortcode in post comments. The root cause is insufficient input sanitization and output escaping, enabling unauthenticated visitors who can post co...
PT-2026-51665
Name of the Vulnerable Software and Affected Versions Cincopa video and media plug-in versions prior to 1.164 Description The Cincopa video and media plug-in for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the plugin processes the cincopa shortcode via a comment te...
CVE-2025-62142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Stored XSS.This issue affects Post Video Players: from n/a through = 1.163...
CVE-2025-62142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Stored XSS.This issue affects Post Video Players: from n/a through = 1.163...
CVE-2025-62142
Technical details about CVE-2025-62142 are not provided in the supplied documents. The connected materials do not specify affected products, root cause, or fixes; monitor for updates.
CVE-2025-62142 WordPress Post Video Players plugin <= 1.163 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Stored XSS.This issue affects Post Video Players: from n/a through = 1.163...
CVE-2025-62142 WordPress Cincopa video and media plug-in plugin <= 1.163 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicashmu Cincopa video and media plugin allows Stored XSS.This issue affects Cincopa video and media plug-in: from n/a through 1.163...
EUVD-2025-205962
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicashmu Cincopa video and media plugin allows Stored XSS.This issue affects Cincopa video and media plug-in: from n/a through 1.163...
WordPress plugin Cincopa video and media plugin 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-54321
Name of the Vulnerable Software and Affected Versions Cincopa video and media plugin versions through 1.163 Description The Cincopa video and media plugin contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means th...
EUVD-2024-21010
Malicious code in bioql PyPI...
CVE-2024-23515
Cross-Site Request Forgery CSRF vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159...
CVE-2024-23515
Cross-Site Request Forgery CSRF vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159...
CVE-2024-23515
CVE-2024-23515 is a CSRF vulnerability in the WordPress plugin Cincopa Post Video Players (versions
CVE-2024-23515 WordPress Cincopa video and media plugin <= 1.159 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159...
CVE-2024-23515 WordPress Cincopa video and media plugin <= 1.159 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159...
WordPress Plugin Cincopa video and media plug-in 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...