79 matches found
WordPress Video Conferencing with Zoom Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)
Software Video Conferencing with Zoom Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2031 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9603227b9596 Credits Krzysztof...
WordPress Video PopUp Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Video PopUp Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4962 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID de09c56436ca Credits István Márton Required...
WordPress Video Player Plugin <= 1.5.22 is vulnerable to Cross Site Scripting (XSS)
Software Video Player Type Plugin Vulnerable versions = 1.5.22 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48320 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 90d3d469b500 Credits SeungYongLee Required privilege...
WordPress video carousel slider with lightbox Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software video carousel slider with lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5945 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1fb4a457923c Credits Al...
WordPress Video Playlist For YouTube Plugin <= 6.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Video Playlist For YouTube Type Plugin Vulnerable versions = 6.1 Fixed in 6.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45653 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1ce353f93318 Credits Mika Require...
WordPress Video Player Plugin <= 1.5.22 is vulnerable to Cross Site Scripting (XSS)
Software Video Player Type Plugin Vulnerable versions = 1.5.22 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45632 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e6d8799fdd9f Credits Elliot Required...
CVE-2023-40558 WordPress Video Gallery & Management Plugin <= 3.3.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin = 3.3.5 versions...
WordPress Video gallery and Player Plugin <= 2.6.5 is vulnerable to Broken Access Control
Software Video gallery and Player Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 27dbac5e56cd Credits Abdi Pranata Require...
WordPress Video Conferencing with Zoom Plugin <= 4.2.1 is vulnerable to Sensitive Data Exposure
Software Video Conferencing with Zoom Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3947 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 55e6071a651c Credits Lana Codes...
WordPress Video Analytics for Cloudflare Stream Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software Video Analytics for Cloudflare Stream Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ca3447e66eaa Credits Rafie Muhammad...
WordPress Video Reviews / Video Widget Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Video Reviews / Video Widget Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7dac09181d24 Credits Rafie Muhammad...
WordPress Video Player for YouTube Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Video Player for YouTube Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3d6bf7dd95eb Credits Rafie Muhammad Patchstack...
WordPress Video Gallery Plugin <= 1.0.10 is vulnerable to Cross Site Scripting (XSS)
Software Video Gallery Type Plugin Vulnerable versions = 1.0.10 Fixed in 1.0.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32597 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 30006890509f Credits yuyudhn Required...
WordPress Video Central Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Video Central Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0418 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6114cbd9fcb5 Credits Lana Codes Required...
WordPress Video Background Plugin <= 2.7.4 is vulnerable to Cross Site Scripting (XSS)
Software Video Background Type Plugin Vulnerable versions = 2.7.4 Fixed in 2.7.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4652 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 8720d683d0f2 Credits Lana Codes Requir...
WordPress Video Sidebar Widgets Plugin <= 6.1 is vulnerable to Cross Site Scripting (XSS)
Software Video Sidebar Widgets Type Plugin Vulnerable versions = 6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4785 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 2859d13481bb Credits István Márton...
WordPress plugin Video Slider 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A cross-site scripting vulnerability exists in versions of the WordPress Video Slider plugin prior to 1.4.8,...
WordPress Video Conferencing with Zoom plugin <= 3.9.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Video Conferencing with Zoom plugin versions = 3.9.2. Solution Update the WordPress Video Conferencing with Zoom plugin to the latest available version at least 3.9.3...
WordPress Video Reviews / Video Widget plugin <= 1.2.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Video Reviews / Video Widget plugin versions = 1.2.2. Solution Update the WordPress Video Reviews / Video Widget plugin to the latest available version at least 1.2.3...
WordPress Video Embed plugin <= 1.0 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Syed Sheeraz Ali Code Vigilant Project in WordPress Video Embed plugin versions = 1.0. Solution This plugin has been closed as of April 19, 2021 and is not available for download. This closure is temporary, pending a full review...