| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-3098 | Video Url <= 1.0.0.3 - Reflected Cross-Site Scripting | ulshamim | Video Url | Medium | 6.1 | 2025-04-02 09:21:44 | Deep Dive |
| CVE-2025-31566 | WordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerability | riosisgroup | Rio Video Gallery | High | 7.1 | 2025-03-31 12:55:19 | Deep Dive |
| CVE-2025-22566 | WordPress ULTIMATE VIDEO GALLERY Plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | extendyourweb | ULTIMATE VIDEO GALLERY | High | 7.1 | 2025-03-28 15:12:26 | Deep Dive |
| CVE-2025-31458 | WordPress Video Embedder plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | forsgren | Video Embedder | High | 7.1 | 2025-03-28 11:54:10 | Deep Dive |
| CVE-2025-22672 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Medium | 4.9 | 2025-03-27 14:11:50 | Deep Dive |
| CVE-2025-26583 | WordPress Video Share VOD plugin <= 2.7.9 - Reflected Cross-Site Scripting vulnerability | videowhisper | Video Share VOD | High | 7.1 | 2025-03-26 14:24:21 | Deep Dive |
| CVE-2025-2484 | Multi Video Box <= 1.5.2 - Reflected Cross-Site Scripting via video_id and group_id Parameters | skustes | Multi Video Box | Medium | 6.1 | 2025-03-22 06:41:11 | Deep Dive |
| CVE-2024-10804 | Ultimate Video Player <= 10.0 - Unauthenticated Arbitrary File Download | FWDesign | Ultimate Video Player WordPress & WooCommerce Plugin | High | 7.5 | 2025-03-07 08:21:25 | Deep Dive |
| CVE-2025-23478 | WordPress Photo Video Store plugin <= 21.07 - Reflected Cross Site Scripting (XSS) vulnerability | cmsaccount | Photo Video Store | High | 7.1 | 2025-03-03 13:30:05 | Deep Dive |
| CVE-2025-26753 | WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerability | videowhisper | Broadcast Live Video | High | 7.5 | 2025-02-25 14:17:50 | Deep Dive |
| CVE-2025-26752 | WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerability | videowhisper | Broadcast Live Video | High | 8.6 | 2025-02-25 14:17:50 | Deep Dive |
| CVE-2025-27327 | WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability | Winlin | Live Streaming Video Player – by SRS Player | Medium | 6.5 | 2025-02-24 14:49:06 | Deep Dive |
| CVE-2025-27325 | WordPress Video.js HLS Player plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability | Bruce | Video.js HLS Player | Medium | 6.5 | 2025-02-24 14:49:05 | Deep Dive |
| CVE-2025-27298 | WordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerability | cmstactics | WP Video Posts | High | 8.3 | 2025-02-24 14:48:52 | Deep Dive |
| CVE-2024-13822 | Total Contest Lite <= 2.8.1 - Reflected XSS | Unknown | Photo Contest | Competition | Video Contest | 中危 | - | 2025-02-24 06:00:04 | Deep Dive |
| CVE-2024-13743 | Wonder Video Embed <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wonderplugin | Wonder Video Embed | Medium | 6.4 | 2025-02-18 22:21:32 | Deep Dive |
| CVE-2024-13438 | SpeedSize Image & Video AI-Optimizer <= 1.5.1 - Cross-Site Request Forgery to Clear Cache | speedsize | SpeedSize Image & Video AI-Optimizer | Medium | 4.3 | 2025-02-18 05:22:27 | Deep Dive |
| CVE-2024-13576 | Gumlet Video <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | adityapatadia | Gumlet Video | Medium | 6.4 | 2025-02-18 04:21:17 | Deep Dive |
| CVE-2024-13625 | Tube Video Ads Lite <= 1.5.7 - Reflected XSS | Unknown | Tube Video Ads Lite | 中危 | - | 2025-02-17 06:00:06 | Deep Dive |
| CVE-2025-23523 | WordPress HSS Embed Streaming Video plugin <= 3.23 - Reflected Cross Site Scripting (XSS) vulnerability | hoststreamsell | HSS Embed Streaming Video | High | 7.1 | 2025-02-14 12:44:29 | Deep Dive |