| CVE-2025-0692 | Simple Video Management System <= 1.0.4 - Admin+ Stored XSS | Unknown | Simple Video Management System | 中危 | - | 2025-02-13 06:00:13 | Deep Dive |
| CVE-2025-25097 | WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability | kwiliarty | External Video For Everybody | Medium | 6.5 | 2025-02-07 10:11:40 | Deep Dive |
| CVE-2025-20179 | Cisco Expressway Series Cross-Site Scripting Vulnerability | Cisco | Cisco TelePresence Video Communication Server (VCS) Expressway | Medium | 6.1 | 2025-02-05 16:14:04 | Deep Dive |
| CVE-2025-23799 | WordPress .TUBE Video Curator Plugin <= 1.1.9 - Reflected Cross Site Scripting (XSS) vulnerability | tubegtld | .TUBE Video Curator | High | 7.1 | 2025-02-03 14:22:45 | Deep Dive |
| CVE-2024-13561 | Target Video Easy Publish <= 3.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via brid_override_yt Shortcode | nebojsadabic | Target Video Easy Publish | Medium | 6.4 | 2025-01-29 11:10:02 | Deep Dive |
| CVE-2024-12076 | Target Video Easy Publish <= 3.8.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | nebojsadabic | Target Video Easy Publish | Medium | 6.1 | 2025-01-25 07:24:14 | Deep Dive |
| CVE-2025-23634 | WordPress Youtube Video Grid plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability | codehandling | Youtube Video Grid | High | 7.1 | 2025-01-23 15:29:41 | Deep Dive |
| CVE-2024-12504 | Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP <= 6.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP | Medium | 6.4 | 2025-01-23 11:13:28 | Deep Dive |
| CVE-2025-23809 | WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Sunil Nanda | Blue Wrench Video Widget | High | 7.1 | 2025-01-22 15:42:33 | Deep Dive |
| CVE-2024-13393 | Video Share VOD – Turnkey Video Site Builder Script <= 2.6.31 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | Video Share VOD – Turnkey Video Site Builder Script | Medium | 6.4 | 2025-01-18 07:05:11 | Deep Dive |
| CVE-2024-12403 | Image Gallery – Responsive Photo Gallery <= 1.0.5 - Reflected Cross-Site Scripting | realwebcare | Awesome Responsive Photo Gallery – Image & Video Lightbox Gallery | Medium | 6.1 | 2025-01-15 09:25:55 | Deep Dive |
| CVE-2024-13156 | HTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.35 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via heading Parameter | bplugins | HTML5 Video Player – Embed and Play Videos in Custom Player | Medium | 6.4 | 2025-01-14 08:23:15 | Deep Dive |
| CVE-2025-22554 | WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | fdfranklin06 | Video Embed Optimizer | Medium | 6.5 | 2025-01-07 14:57:17 | Deep Dive |
| CVE-2024-12256 | Simple Video Management System <= 1.0.4 - Reflected Cross-Site Scripting | maximize | Simple Video Management System | Medium | 6.1 | 2025-01-07 04:22:19 | Deep Dive |
| CVE-2024-12214 | WooCommerce HSS Extension for Streaming Video <= 3.31 - Reflected Cross-Site Scripting via videolink Parameter | hoststreamsell | WooCommerce HSS Extension for Streaming Video | Medium | 6.1 | 2025-01-07 04:21:57 | Deep Dive |
| CVE-2024-12449 | Video Share VOD – Turnkey Video Site Builder Script <= 2.6.30 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | Video Share VOD – Turnkey Video Site Builder Script | Medium | 6.4 | 2024-12-18 03:22:07 | Deep Dive |
| CVE-2024-54370 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Critical | 9.9 | 2024-12-16 14:31:32 | Deep Dive |
| CVE-2024-54408 | WordPress Youtube Video Grid plugin <= 1.9 - CSRF to Settings Change vulnerability | codehandling | Youtube Video Grid | Medium | 6.5 | 2024-12-16 14:13:58 | Deep Dive |
| CVE-2024-54421 | WordPress Floating Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerability | Sanjay_Negi | Floating Video Player | High | 7.1 | 2024-12-16 14:13:51 | Deep Dive |
| CVE-2024-11883 | Connatix Video Embed <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | connatix | Connatix Video Embed | Medium | 6.4 | 2024-12-14 04:23:44 | Deep Dive |