CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata

The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

PT-2025-31907 · WordPress · Use-Your-Drive | Google Drive

Name of the Vulnerable Software and Affected Versions: Use-your-Drive | Google Drive plugin for WordPress versions prior to 3.3.2 Description: The Use-your-Drive | Google Drive plugin for WordPress is susceptible to Stored Cross-Site Scripting via the title parameter in file metadata. Insufficien...

CVE-2021-42546

Insufficient Input Validation in the search functionality of Wordpress plugin Use-Your-Drive prior to 1.18.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack...