EUVD-2022-38600

Malicious code in bioql PyPI...

EUVD-2023-29432

Malicious code in bioql PyPI...

CVE-2023-25477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yotuwp Video Gallery plugin = 1.3.12 versions...

CVE-2024-4258

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...

CVE-2024-4258

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...

CVE-2024-4551

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...

CVE-2024-4551 Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...

CVE-2024-4551

CVE-2024-4551 affects Video Gallery – YouTube Playlist, Channel Gallery by YotuWP (WordPress plugin) up to version 1.3.13. The flaw enables authenticated attackers with contributor+ privileges to perform Local File Inclusion via Shortcode/display function, allowing inclusion and execution of arbi...

CVE-2024-4551 Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...

CVE-2024-4258 Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Unauthenticated Local File Inclusion

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...

WordPress Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin <= 1.3.13 - Authenticated Arbitrary File Inclusion via Shortcode vulnerability

Authenticated Arbitrary File Inclusion via Shortcode vulnerability discovered by Foxyyy in WordPress Plugin Video Gallery versions = 1.3.13...

WordPress Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin <= 1.3.13 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by WordFence in WordPress Plugin Video Gallery versions = 1.3.13...

Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode

Description The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to...

CVE-2023-25477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yotuwp Video Gallery plugin = 1.3.12 versions...

CVE-2023-25477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yotuwp Video Gallery plugin = 1.3.12 versions...

CVE-2023-25477

CVE-2023-25477 is a stored XSS in the WordPress plugin Yotuwp Video Gallery (versions

CVE-2023-25477 WordPress Video Gallery Plugin <= 1.3.12 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yotuwp Video Gallery plugin = 1.3.12 versions...

PT-2023-20095 · WordPress · Yotuwp Video Gallery

Name of the Vulnerable Software and Affected Versions: Yotuwp Video Gallery plugin versions prior to 1.3.13 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For Yotuwp Video Gallery plugin...

CVE-2022-35726

Broken Authentication vulnerability in yotuwp Video Gallery plugin = 1.3.4.5 at WordPress...

CVE-2022-35726

The CVE-2022-35726 entry concerns the yotuwp Video Gallery WordPress plugin, affected versions 1.3.4.5 and earlier, with a Broken Authentication vulnerability. Technical details across connected sources confirm the vulnerability lies in the plugin’s authentication mechanism, enabling unauthorized...