cleantalk
Vulnerabilities and Security Researches

Cincopa video and media plug-in, 8a9cb7c8b9bae1d383bc2ee1daa00183e22413ab

CVE, Research URL

8a9cb7c8b9bae1d383bc2ee1daa00183e22413ab

Home page URL

Security reports for Cincopa video and media plug-in

Application

Cincopa video and media plug-in

Published on
Aug 25, 2015
Research Description
Cincopa video and media plug-in [video-playlist-and-gallery-plugin] < 1.137 WordPress Post Video Players Plugin <= 1.136 - XSS Because of this vulnerability, authenticated users (like editors) can store HTML or JS code. Update the plugin.
Affected versions
max 1.137.
Status
vulnerable
Previous vulnerability researches
Cincopa video and media plug-in (8a9cb7c8b9bae1d383bc2ee1daa00183e22413ab) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2024-23515) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2015-10109) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2025-62142) , Jan 11, 2026
Cincopa video and media plug-in (CVE-2025-62143) , Jan 11, 2026
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button &#8211; Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails &amp; Marketing Automation for WooCommerce &#8211; ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026