5 matches found
WordPress drm-protected-video-streaming plugin <= 4.2.1 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin S3Player – WooCommerce & Elementor Integration versions = 4.2.1...
CVE-2024-13865
The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2024-13865
The CVE-2024-13865 entry concerns the WordPress plugin S3Player (drm-protected-video-streaming) up to version 4.2.1. Affected component: the plugin’s output path for a request parameter. Root cause: input is not properly sanitized/escaped before being echoed into the page, resulting in a Reflecte...
CVE-2024-13865 drm-protected-video-streaming <= 4.2.1 - Reflected XSS
The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2024-13865 drm-protected-video-streaming <= 4.2.1 - Reflected XSS
The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...