VYPR

Responsive Video Embedder

by WordPress

CVEs (2)

  • CVE-2026-8877MedMay 27, 2026
    risk 0.42cvss 6.4epss 0.00

    The Responsive Video Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rem_video' shortcode in versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on user supplied attributes (notably 'id' and…

  • CVE-2024-5475MedJun 20, 2024
    risk 0.35cvss 5.4epss 0.00

    The Responsive video embed WordPress plugin before 0.5.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored…