2 matches found
CVE-2022-44590
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in James Lao's Simple Video Embedder plugin = 2.2 on WordPress...
CVE-2022-44590
CVE-2022-44590 affects the WordPress plugin Simple Video Embedder (versions ≤ 2.2). The root cause is inadequate sanitization/escaping of parameters, enabling a stored XSS by users with Contributor+ access. Reported across multiple sources (NVD, WPVulndb, Patchstack, PT-Security). Impact is descr...