VYPR

Videozen

by WordPress

Source repositories

CVEs (1)

  • CVE-2026-6439MedApr 17, 2026
    risk 0.29cvss 4.4epss 0.00

    The VideoZen plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.1. This is due to insufficient input sanitization and output escaping in the videozen_conf() function. The 'lang' POST parameter is stored directly via…