2 matches found
PT-2025-25772 · WordPress · Tarteaucitron.Io
Name of the Vulnerable Software and Affected Versions: tarteaucitron.io WordPress plugin versions prior to 1.9.5 Description: The issue concerns the tarteaucitron.io WordPress plugin, which uses query parameters from YouTube oEmbed URLs without proper sanitization. This could allow users with the...
PT-2023-16130 · WordPress · Nex-Forms
Name of the Vulnerable Software and Affected Versions: NEX-Forms WordPress plugin versions prior to 8.3.3 Description: The issue concerns the NEX-Forms WordPress plugin, which does not properly validate and escape some of its shortcode attributes before outputting them in a page or post. This cou...