5 matches found
EUVD-2025-4838
Malicious code in bioql PyPI...
CVE-2024-13576
The Gumlet Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gumlet' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13576
The Gumlet Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gumlet' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13576 Gumlet Video <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Gumlet Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gumlet' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13576
CVE-2024-13576 affects the Gumlet Video WordPress plugin. The vulnerability is Stored XSS via the gumlet shortcode in all versions up to and including 1.0.3, caused by insufficient input sanitization/out escaping on user-supplied attributes. Exploitation requires authenticated access at contribut...