Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 1:13 a.m.6 views

WordPress drm-protected-video-streaming plugin <= 4.2.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin S3Player – WooCommerce & Elementor Integration versions = 4.2.1...

6.1CVSS6.3AI score0.00301EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.7 views

CVE-2024-13865

The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.1CVSS0.00301EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.30 views

CVE-2024-13865

The CVE-2024-13865 entry concerns the WordPress plugin S3Player (drm-protected-video-streaming) up to version 4.2.1. Affected component: the plugin’s output path for a request parameter. Root cause: input is not properly sanitized/escaped before being echoed into the page, resulting in a Reflecte...

6.1CVSS6.3AI score0.00301EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.10 views

CVE-2024-13865 drm-protected-video-streaming <= 4.2.1 - Reflected XSS

The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

0.00301EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.6 views

CVE-2024-13865 drm-protected-video-streaming <= 4.2.1 - Reflected XSS

The S3Player WordPress plugin through 4.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.2AI score0.00301EPSS
Exploits1References1
Rows per page
Query Builder