3 matches found
CVE-2024-12449
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperplayerhtml' shortcode in all versions up to, and including, 2.6.30 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-12449
creationtimestamp| type| source ---|---|--- 2024-12-18 03:48:45+00:00| seen| https://infosec.exchange/users/cve/statuses/113671780741097480 2024-12-18 06:09:48+00:00| seen| https://t.me/cvedetector/13150...
CVE-2024-12449 Video Share VOD – Turnkey Video Site Builder Script <= 2.6.30 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperplayerhtml' shortcode in all versions up to, and including, 2.6.30 due to insufficient input sanitization and output escaping on user supplied...