Untriaged
Permalink
CVE-2025-31384
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5.
References
Affected products
videos
- =<1.0.5
Matching in nixpkgs
pkgs.pantheon.elementary-videos
Video player and library app designed for elementary OS
-
nixos-unstable -
- nixpkgs-unstable 8.0.2
Package maintainers
-
@davidak David Kleuker <post@davidak.de>
-
@bobby285271 Bobby Rong <rjl931189261@126.com>