cleantalk
Vulnerabilities and Security Researches

Cincopa video and media plug-in, CVE-2015-10109

CVE, Research URL

CVE-2015-10109

Home page URL

Security reports for Cincopa video and media plug-in

Application

Cincopa video and media plug-in

Published on
Jun 01, 2023
Research Description
A vulnerability was found in Video Playlist and Gallery Plugin up to 1.136 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the file wp-media-cincopa.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.137 is able to address this issue. The name of the patch is ee28e91f4d5404905204c43b7b84a8ffecad932e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230264.
Affected versions
max 1.137.
Status
vulnerable
Previous vulnerability researches
Cincopa video and media plug-in (8a9cb7c8b9bae1d383bc2ee1daa00183e22413ab) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2024-23515) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2015-10109) , Jun 07, 2024
Cincopa video and media plug-in (CVE-2025-62142) , Jan 11, 2026
Cincopa video and media plug-in (CVE-2025-62143) , Jan 11, 2026
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026