CVE-2025-47551 WordPress Wiki Embed plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in ctltwp Wiki Embed wiki-embed allows Cross Site Request Forgery.This issue affects Wiki Embed: from n/a through = 1.4.6...

WordPress plugin Wiki Embed 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-20164 · Unknown · Ctltwp Wiki Embed

Name of the Vulnerable Software and Affected Versions: ctltwp Wiki Embed versions 1.4.6 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions 1.4.6 and...

CVE-2025-46501

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biancardi Mixcloud Embed mixcloud-embed allows Stored XSS.This issue affects Mixcloud Embed: from n/a through = 2.2.0...

WordPress Mixcloud Embed plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by johska in WordPress Plugin Mixcloud Embed versions = 2.2.0...

CVE-2025-46501

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biancardi Mixcloud Embed mixcloud-embed allows Stored XSS.This issue affects Mixcloud Embed: from n/a through = 2.2.0...

CVE-2025-46501 WordPress Mixcloud Embed <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biancardi Mixcloud Embed allows Stored XSS. This issue affects Mixcloud Embed: from n/a through 2.2.0...

CVE-2025-46501

CVE-2025-46501 (Mixcloud Embed, WordPress) : Stored Cross‑Site Scripting vulnerability due to improper input neutralization during web page generation. Affected: Mixcloud Embed versions n/a through 2.2.0. The CVE is assigned with a CVSS v3.1 base score of 6.5 (Medium) and indicates that exploitat...

CVE-2025-46501 WordPress Mixcloud Embed plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biancardi Mixcloud Embed mixcloud-embed allows Stored XSS.This issue affects Mixcloud Embed: from n/a through = 2.2.0...

WordPress plugin Mixcloud Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17807 · Unknown · Mixcloud Embed

Name of the Vulnerable Software and Affected Versions: biancardi Mixcloud Embed versions n/a through 2.2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

Malicious code in airbnb-embed-frame (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 376bf68663b9b18092bb92b3b07313218798ff34c1a714d205121ac55072e1ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3230 Malicious code in airbnb-embed-frame (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 376bf68663b9b18092bb92b3b07313218798ff34c1a714d205121ac55072e1ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-31008

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Embeds For YouTube Plugin Support YouTube Embed youtube-embed allows Stored XSS.This issue affects YouTube Embed: from n/a through = 5.3.1...

WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abhinav Porwal in WordPress Plugin YouTube Embed versions = 5.3.1...

CVE-2025-31008

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Embeds For YouTube Plugin Support YouTube Embed youtube-embed allows Stored XSS.This issue affects YouTube Embed: from n/a through = 5.3.1...

CVE-2025-31008 WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Embeds For YouTube Plugin Support YouTube Embed youtube-embed allows Stored XSS.This issue affects YouTube Embed: from n/a through = 5.3.1...

CVE-2025-31008

CVE-2025-31008 is an authenticated, stored XSS affecting the YouTube embeds for WordPress plugin (Embeds for YouTube). Public details in Wordfence indicate an authenticated (Admin+) Stored Cross-Site Scripting vulnerability in Embeds for YouTube, with affected range including version up to 5.3.1....

PT-2025-15724 · Unknown · Youtube Embed

Name of the Vulnerable Software and Affected Versions: YouTube Embed versions n/a through 5.3.1 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. Specifically, it is a Stored XSS vulnerability in the YouTube...

WordPress plugin YouTube Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...