6 matches found
CVE-2025-23947
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...
CVE-2025-23947
creationtimestamp| type| source ---|---|--- 2025-01-16 21:20:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7jgiqqo2t 2025-01-16 22:56:09+00:00| seen| https://t.me/cvedetector/15645 2025-01-17 21:57:06+00:00| published-proof-of-concept|...
CVE-2025-23947
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...
CVE-2025-23947 WordPress WP-Player plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...
CVE-2025-23947
CVE-2025-23947 : Stored XSS in WP-Player (WordPress plugin). Root cause: improper input neutralization during web page generation. Affected: WP-Player versions from n/a up to 2.6.1. Public details in RH/Red Hat and Wordfence entries confirm the vulnerability; no public fixes/versioned remediation...
CVE-2025-23947 WordPress WP-Player plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...