VYPR

Feeds for YouTube Pro

by WordPress

CVEs (1)

  • CVE-2025-12002MedJan 17, 2026
    risk 0.38cvss 5.9epss 0.00

    The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sby_check_wp_submit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation.…