Video Playlist For Youtube
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-1888 | Med | 0.42 | 6.4 | 0.00 | Feb 6, 2026 | The Docus – YouTube Video Playlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'docusplaylist' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes… | ||
| CVE-2025-32183 | Med | 0.42 | 6.5 | 0.00 | Apr 4, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through <= 6.7.1. | ||
| CVE-2023-45653 | Med | 0.28 | 4.3 | 0.00 | Oct 16, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Galaxy Weblinks Video Playlist For YouTube plugin <= 6.0 versions. |
- risk 0.42cvss 6.4epss 0.00
The Docus – YouTube Video Playlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'docusplaylist' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through <= 6.7.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Galaxy Weblinks Video Playlist For YouTube plugin <= 6.0 versions.