VYPR

Presto Player

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-43285MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.00

    Missing Authorization vulnerability in Presto Made, Inc Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presto Player: from n/a through 3.0.2.

  • CVE-2026-9125MedJun 12, 2026
    risk 0.35cvss 6.4epss 0.00

    The Presto Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link_url' parameter of the [presto_player_overlay] shortcode in versions up to, and including, 4.2.0 This is due to insufficient input sanitization and output escaping in the…

  • CVE-2026-45442MedMay 19, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.3.