Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.16 views

CVE-2025-4955

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

4.7CVSS6.6AI score0.0032EPSS
Exploits1References1
NVD
NVD
added 2025/06/18 6:15 a.m.6 views

CVE-2025-4955

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

4.7CVSS0.0032EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/18 6:0 a.m.11 views

CVE-2025-4955 tarteaucitron.io < 1.9.5 - Contributor+ Stored XSS

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

4.6AI score0.0032EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/18 6:0 a.m.14 views

CVE-2025-4955 tarteaucitron.io < 1.9.5 - Contributor+ Stored XSS

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

0.0032EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.5 views

WordPress plugin tarteaucitron.io 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.7CVSS5.8AI score0.0032EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.6 views

PT-2025-25772 · WordPress · Tarteaucitron.Io

Name of the Vulnerable Software and Affected Versions: tarteaucitron.io WordPress plugin versions prior to 1.9.5 Description: The issue concerns the tarteaucitron.io WordPress plugin, which uses query parameters from YouTube oEmbed URLs without proper sanitization. This could allow users with the...

4.7CVSS5.8AI score0.0032EPSS
Exploits1References6
Rows per page
Query Builder