exploitDog

CVE-2025-48170

Опубликовано: 20 авг. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder allows Reflected XSS. This issue affects Universal Video Player - Addon for WPBakery Page Builder: from n/a through 3.2.1.

Ссылки

https://patchstack.com/database/wordpress/plugin/lbg-universal-video-player-addon-visual-composer/vulnerability/wordpress-universal-video-player-addon-for-wpbakery-page-builder-3-2-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve

EPSS

Процентиль: 8%

0.00029

Низкий

7.1 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-qxxf-qwf6-qvwp

CVSS3: 7.1

github

6 месяцев назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder allows Reflected XSS. This issue affects Universal Video Player - Addon for WPBakery Page Builder: from n/a through 3.2.1.

EPSS

Процентиль: 8%

0.00029

Низкий

7.1 High

CVSS3

Дефекты

CWE-79