2 matches found
CVE-2022-3937
CVE-2022-3937 affects the Easy Video Player WordPress plugin prior to 1.2.2.3. The root cause is insufficient sanitization/escaping of certain parameters, enabling a user with as low as Contributor to perform Cross-Site Scripting (XSS). The vulnerability can impact pages where the plugin processe...
CVE-2023-51689
CVE-2023-51689 affects the WordPress plugin Easy Video Player (naa986) up to version 1.2.2.10 with a Stored XSS vulnerability arising from improper input neutralization during web page generation. Public details identify the vulnerable component as the Easy Video Player plugin and the impact as s...