CVE-2026-32348 WordPress MAS Videos plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

WordPress plugin MAS Videos 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-24535

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...

CVE-2026-24535

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...

CVE-2026-24535 WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...

WordPress plugin: Automatic Featured Images from Videos security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-62753

CVE-2025-62753 affects MAS Videos (WordPress plugin) up to version 1.3.2. The issue is an Improper Control of Filename for Include/Require Statement in PHP (PHP Remote File Inclusion), effectively a Local File Inclusion risk. The CVSS 3.1 metric indicates a base score of 7.5 (HIGH) with network a...

EUVD-2023-35116

Malicious code in bioql PyPI...

EUVD-2024-34180

Malicious code in bioql PyPI...

CVE-2023-30752

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin = 2.0.1 versions...

CVE-2024-6719

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack...

CVE-2024-6719

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack...

CVE-2024-6719

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack...

CVE-2024-6719 Offload Videos – Bunny.net, AWS S3 <= 1.0.1 Subscriber+ CSRF

The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack...

CVE-2024-6719

The CVE-2024-6719 entry concerns the WordPress plugin “Offload Videos” (bunny.net/AWS S3 integration) prior to version 1.0.1. According to the documentation, the vulnerability arises from a missing CSRF check when updating plugin settings, which could allow low-privilege users to alter settings v...

PT-2025-21495

Name of the Vulnerable Software and Affected Versions: The Offload Videos WordPress plugin versions prior to 1.0.1 Description: The issue concerns a lack of CSRF check when updating settings in the plugin, which could allow low-privilege users to update them via a CSRF attack. Recommendations: Fo...

CVE-2025-31384 WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Aviplugins Videos videos allows Reflected XSS.This issue affects Videos: from n/a through = 1.0.5...

CVE-2025-31384

CVE-2025-31384 affects the Aviplugins Videos WordPress plugin, with an issue described as Improper Neutralization of Script-Related HTML Tags in a Web Page (Reflected XSS) affecting Versions up to 1.0.5. The vulnerability is exploitable via network vector and requires user interaction; CVSS 3.1 b...

WordPress plugin Videos 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Videos versions = 1.0.5...