CVE-2025-8071 Mine CloudVod <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via audio Parameter

Mine CloudVod plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘audio’ parameter in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-8071

CVE-2025-8071 : Mine CloudVod plugin for WordPress has a Stored Cross-Site Scripting (XSS) vulnerability via the audio parameter in all versions up to 2.1.10. The issue arises from insufficient input sanitization and output escaping. It affects authenticated attackers with Contributor-level acces...

WordPress plugin Mine CloudVod 跨站脚本漏洞

WordPress Mine CloudVod is a plugin for audio and video playback and online education management. WordPress Mine CloudVod suffers from a cross-site scripting vulnerability that stems from insufficient input cleanup and output escaping, which can be exploited by an attacker to inject malicious...

PT-2025-30661 · WordPress · Mine Cloudvod

Name of the Vulnerable Software and Affected Versions: Mine CloudVod plugin for WordPress versions up to and including 2.1.10 Description: The Mine CloudVod plugin for WordPress is susceptible to Stored Cross-Site Scripting XSS through the audio parameter. Insufficient input sanitization and outp...