2 matches found
CVE-2022-3937 Easy Video Player < 1.2.2.3 - Contributor+ Stored XSS
The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
CVE-2022-3937
CVE-2022-3937 affects the Easy Video Player WordPress plugin prior to 1.2.2.3. The root cause is insufficient sanitization/escaping of certain parameters, enabling a user with as low as Contributor to perform Cross-Site Scripting (XSS). The vulnerability can impact pages where the plugin processe...