10 matches found
EUVD-2025-19340
Malicious code in bioql PyPI...
CVE-2025-53261
Cross-Site Request Forgery CSRF vulnerability in macbookandrew WP YouTube Live wp-youtube-live allows Cross Site Request Forgery.This issue affects WP YouTube Live: from n/a through = 1.10.0...
CVE-2025-53261
Cross-Site Request Forgery CSRF vulnerability in macbookandrew WP YouTube Live wp-youtube-live allows Cross Site Request Forgery.This issue affects WP YouTube Live: from n/a through = 1.10.0...
CVE-2025-53261 WordPress WP YouTube Live plugin <= 1.10.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in macbookandrew WP YouTube Live wp-youtube-live allows Cross Site Request Forgery.This issue affects WP YouTube Live: from n/a through = 1.10.0...
PT-2025-27168 · WordPress · Wp Youtube Live
Name of the Vulnerable Software and Affected Versions: WP YouTube Live versions 1.10.0 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized requests. Recommendations: For WP YouTube Live versions 1.10.0 and earlier, update to a version that...
CVE-2022-1187
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the /inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21...
CVE-2022-1334
The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-1334
The CVE-2022-1334 entry concerns the WordPress WP YouTube Live plugin (versions before 1.8.3). The vulnerability stems from insufficient validation, sanitization, and escaping of multiple settings, enabling Cross-Site Scripting (XSS) by high-privilege users (e.g., admins), even when unfiltered_ht...
CVE-2022-1187 WP YouTube Live <= 1.7.21 - Reflected Cross-Site Scripting
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the /inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21...
CVE-2022-1187
CVE-2022-1187 affects the WordPress WP YouTube Live Plugin. The vulnerability is a reflected cross-site scripting (XSS) via POST data in the file ~/inc/admin.php, allowing unauthenticated attackers to inject scripts. Affected versions are up to and including 1.7.21 . Public sources in the connect...