7 matches found
EUVD-2025-28471
Malicious code in bioql PyPI...
EUVD-2025-6426
Malicious code in bioql PyPI...
CVE-2025-0955
The VidoRev Extensions plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'vidorevimportsinglevideo' AJAX action in all versions up to, and including, 2.9.9.9.9.9.5. This makes it possible for unauthenticated attackers to import arbitrary youtube...
CVE-2025-0955 VidoRev Extensions <= 2.9.9.9.9.9.5 - Missing Authorization to Unauthenticated Youtube Video Import
The VidoRev Extensions plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'vidorevimportsinglevideo' AJAX action in all versions up to, and including, 2.9.9.9.9.9.5. This makes it possible for unauthenticated attackers to import arbitrary youtube...
CVE-2025-0955
CVE-2025-0955 affects the VidoRev Extensions WordPress plugin. A missing capability check on AJAX action vidorev_import_single_video allows unauthenticated users to import arbitrary YouTube videos. Status: patched in Wordfence/patchstack records; remediation is to update to a version with the fix...
CVE-2025-0955 VidoRev Extensions <= 2.9.9.9.9.9.5 - Missing Authorization to Unauthenticated Youtube Video Import
The VidoRev Extensions plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'vidorevimportsinglevideo' AJAX action in all versions up to, and including, 2.9.9.9.9.9.5. This makes it possible for unauthenticated attackers to import arbitrary youtube...
WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1546 WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability August 16, 2022 CVE Number CVE-2022-30534 SUMMARY An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit...