| CVE-2026-32348 | WordPress MAS Videos plugin <= 1.3.2 - Broken Access Control vulnerability | MadrasThemes | MAS Videos | 中危 | - | 2026-03-13 11:41:59 | Deep Dive |
| CVE-2026-0702 | VidShop – Shoppable Videos for WooCommerce <= 1.1.4 - Unauthenticated Time-Based SQL Injection via 'fields' | wpcreatix | VidShop – Shoppable Videos for WooCommerce | High | 7.5 | 2026-01-28 08:26:55 | Deep Dive |
| CVE-2026-24535 | WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerability | webdevstudios | Automatic Featured Images from Videos | Medium | 4.3 | 2026-01-23 14:28:51 | Deep Dive |
| CVE-2025-62080 | WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Cross Site Request Forgery (CSRF) vulnerability | Channelize.io Team | Live Shopping & Shoppable Videos For WooCommerce | Medium | 4.3 | 2025-12-31 15:44:46 | Deep Dive |
| CVE-2025-62081 | WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Broken Access Control vulnerability | Channelize.io Team | Live Shopping & Shoppable Videos For WooCommerce | Medium | 5.3 | 2025-12-31 15:00:19 | Deep Dive |
| CVE-2025-62753 | WordPress MAS Videos plugin <= 1.3.4 - Local File Inclusion vulnerability | MadrasThemes | MAS Videos | High | 7.5 | 2025-12-30 22:37:03 | Deep Dive |
| CVE-2025-7732 | Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes | kevinweber | Lazy Load for Videos | Medium | 6.4 | 2025-08-27 01:46:49 | Deep Dive |
| CVE-2025-49061 | WordPress Porn Videos Embed plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability | perteus | Porn Videos Embed | Medium | 6.5 | 2025-08-14 10:34:13 | Deep Dive |
| CVE-2025-52802 | WordPress Import YouTube videos as WP Posts plugin <= 2.1 - Broken Access Control Vulnerability | enguerranws | Import YouTube videos as WP Posts | High | 7.5 | 2025-06-20 15:03:40 | Deep Dive |
| CVE-2024-6719 | Offload Videos – Bunny.net, AWS S3 <= 1.0.1 Subscriber+ CSRF | Unknown | Offload Videos | - | - | 2025-05-15 20:07:10 | Deep Dive |
| CVE-2025-32516 | WordPress Related Videos for JW Player plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability | ilGhera | Related Videos for JW Player | High | 7.1 | 2025-04-17 15:47:44 | Deep Dive |
| CVE-2025-31384 | WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | Aviplugins | Videos | High | 7.1 | 2025-04-04 13:43:15 | Deep Dive |
| CVE-2025-31820 | WordPress Automatic Featured Images from Videos plugin <= 1.2.4 - Broken Access Control vulnerability | webdevstudios | Automatic Featured Images from Videos | Medium | 4.3 | 2025-04-01 14:51:45 | Deep Dive |
| CVE-2024-11747 | Responsive Videos <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpenhanced | Responsive Videos | Medium | 6.4 | 2024-12-04 02:40:28 | Deep Dive |
| CVE-2024-11203 | EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'provider_name' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-11-28 08:47:31 | Deep Dive |
| CVE-2024-11428 | Lazy load videos and sticky control <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | aishan | Lazy load videos and sticky control | Medium | 6.4 | 2024-11-21 02:06:29 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9346 | Embed videos and respect privacy <= 1.2 - Reflected Cross-Site Scripting | michaelzangl | Embed videos and respect privacy | Medium | 6.1 | 2024-10-11 06:50:16 | Deep Dive |
| CVE-2024-1565 | EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-13 08:31:32 | Deep Dive |
| CVE-2024-5571 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-05 08:33:16 | Deep Dive |