Video List Manager
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52831 | Cri | 0.60 | 9.3 | 0.00 | Jul 4, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7. | ||
| CVE-2025-52821 | Hig | 0.55 | 8.5 | 0.00 | Jun 20, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7. | ||
| CVE-2023-1408 | Hig | 0.47 | 7.2 | 0.03 | May 8, 2023 | The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin | ||
| CVE-2025-52776 | Hig | 0.46 | 7.1 | 0.00 | Jul 4, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thanhtungtnt Video List Manager video-list-manager allows Stored XSS.This issue affects Video List Manager: from n/a through <= 1.7. | ||
| CVE-2025-49986 | Med | 0.34 | 5.3 | 0.00 | Jun 20, 2025 | Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7. |
- risk 0.60cvss 9.3epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7.
- risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7.
- risk 0.47cvss 7.2epss 0.03
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thanhtungtnt Video List Manager video-list-manager allows Stored XSS.This issue affects Video List Manager: from n/a through <= 1.7.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7.