Vulnerabilities and security researches forvideo-list-manager video-list-manager

Jun 07, 2024

CVE, Research URL: CVE-2023-1408
Home page URL: Security reports for Video List Manager
Application: Video List Manager
Date: May 08, 2023
Research Description: The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Affected versions: max 1.7.
Status: vulnerable

Jun 24, 2025

CVE, Research URL: CVE-2025-52821
Home page URL: Security reports for Video List Manager
Application: Video List Manager
Date: Jun 20, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7.
Affected versions: max 1.7.
Status: vulnerable

CVE, Research URL: CVE-2025-49986
Home page URL: Security reports for Video List Manager
Application: Video List Manager
Date: Jun 20, 2025
Research Description: Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7.
Affected versions: max 1.7.
Status: vulnerable

Jul 04, 2025

CVE, Research URL: CVE-2025-52776
Home page URL: Security reports for Video List Manager
Application: Video List Manager
Date: Jul 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thanhtungtnt Video List Manager video-list-manager allows Stored XSS.This issue affects Video List Manager: from n/a through <= 1.7.
Affected versions: max 1.7.
Status: vulnerable

Jun 14, 2026

CVE, Research URL: CVE-2025-52831
Home page URL: Security reports for Video List Manager
Application: Video List Manager
Date: Jul 04, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7.
Affected versions: max 1.7.
Status: vulnerable