5 matches found
CVE-2026-7544
Summary (CVE-2026-7544) : The Mux Video Uploader WordPress plugin (≤ v1.1.4) is vulnerable to Sensitive Information Exposure via muxvideo_enqueue_settings_script. Authenticated users with subscriber-level access or higher can extract sensitive data, including Mux API credentials. The CVE notes th...
EUVD-2026-43128
The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the muxvideoenqueuesettingsscript. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive data...
chewb-server (>=0.0.1 <=0.0.20), video-dash-uploader (>=0.0.1 <=0.0.4) +1 more potentially affected by CVE-2020-28436 via google-cloudstorage-commands (=0.0.1)
google-cloudstorage-commands NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on google-cloudstorage-commands and may be impacted: - chewb-server =0.0.1, =0.0.1, =0.0.1, =0.0.2 Source cves: CVE-2020-28436 Source advisory:...
chewb-server (>=0.0.1 <=0.0.20), video-dash-uploader (>=0.0.1 <=0.0.4) +1 more potentially affected by CVE-2020-28436 via google-cloudstorage-commands (=0.0.1)
google-cloudstorage-commands NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on google-cloudstorage-commands and may be impacted: - chewb-server =0.0.1, =0.0.1, =0.0.1, =0.0.2 Source cves: CVE-2020-28436 Source advisory:...
ArticleFR 'videouploader.php' Arbitrary File Upload Vulnerability
ArticleFR is a CMS system for free article directories. ArticleFR 'videouploader.php' fails to properly validate user-submitted files, allowing remote attackers to exploit the vulnerability to upload arbitrary files and execute them...