Amauri - Tarteaucitron.io CVE

Filtered by vendor Amauri Subscribe

Filtered by product Tarteaucitron.io

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-4955	1 Amauri	1 Tarteaucitron.io	2025-07-02	N/A	4.7 MEDIUM
The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks.

Vulnerabilities (CVE)