CVE-2024-12214

The WooCommerce HSS Extension for Streaming Video plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘videolink’ parameter in all versions up to, and including, 3.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2024-12214

The WooCommerce HSS Extension for Streaming Video plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘videolink’ parameter in all versions up to, and including, 3.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2024-12214 WooCommerce HSS Extension for Streaming Video <= 3.31 - Reflected Cross-Site Scripting via videolink Parameter

The WooCommerce HSS Extension for Streaming Video plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘videolink’ parameter in all versions up to, and including, 3.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

PT-2025-1783 · WordPress · Woocommerce Hss Extension For Streaming Video

Name of the Vulnerable Software and Affected Versions: WooCommerce HSS Extension for Streaming Video plugin versions up to and including 3.31 Description: The issue is related to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web script...