4 matches found
CVE-2025-13727
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 2.7.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
EUVD-2024-50867
Malicious code in bioql PyPI...
CVE-2024-13393 Video Share VOD – Turnkey Video Site Builder Script <= 2.6.31 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispervideos' shortcode in all versions up to, and including, 2.6.31 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-13393
CVE-2024-13393 affects the Video Share VOD – Turnkey Video Site Builder Script WordPress plugin. The vulnerability is Stored Cross-Site Scripting via the videowhisper_videos shortcode in all versions up to 2.6.31, caused by insufficient input sanitization and output escaping of user-supplied attr...