VYPR

Blue Wrench Videos Widget

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-23809HigJan 22, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through <= 2.1.0.

  • CVE-2013-6797Nov 19, 2013
    risk 0.03cvss epss 0.03

    Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bw_url parameter…