VYPR

Youtube Video Player

by WordPress

CVEs (1)

  • CVE-2025-2537MedJul 3, 2025
    risk 0.42cvss 6.4epss 0.00

    Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library (version 3.1) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…