VYPR

Videos Sync PDF

by WordPress

CVEs (2)

  • CVE-2022-1392HigApr 25, 2022
    risk 0.50cvss 7.5epss 0.11

    The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues

  • CVE-2022-50949MedMay 10, 2026
    risk 0.42cvss 6.4epss 0.00

    WordPress Plugin Videos sync PDF 1.7.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting unsanitized mov, pdf, mp4, webm, and ogg parameters. Attackers can inject payloads like autofocus onfocus…