Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1334 | 1 Wp Youtube Live Project | 1 Wp Youtube Live | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2022-1187 | 1 Wp Youtube Live Project | 1 Wp Youtube Live | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21. | |||||