VYPR

Streamweasels Kick Integration

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-9442MedSep 6, 2025
    risk 0.35cvss 6.4epss 0.00

    The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘vodsChannel’ parameter in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2025-5589MedJun 14, 2025
    risk 0.35cvss 6.4epss 0.00

    The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘status-classic-offline-text’ parameter in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2024-10184MedOct 29, 2024
    risk 0.35cvss 6.4epss 0.00

    The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This…

  • CVE-2025-7810MedJul 29, 2025
    risk 0.28cvss 5.4epss 0.00

    The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This…