RSS   Vulnerabilities for 'Wp youtube live'   RSS

2022-05-16
 
CVE-2022-1334

CWE-79
 

 
The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

 
2022-04-19
 
CVE-2022-1187

CWE-79
 

 
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21.

 


Copyright 2024, cxsecurity.com

 

Back to Top