CVE-2025-69048 | Universal Video Player Plugin up to 3.8.4 on WordPress cross site scripting

January 15, 2026 Yanac

A vulnerability was found in Universal Video Player Plugin up to 3.8.4 on WordPress. It has been declared as problematic. The affected element is an unknown function. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-69048. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-13859 | AffiliateX Plugin up to 1.0.0/1.3.9.3 on WordPress Setting save_customization_settings cross site scripting
CVE-2026-22359 | Movies Bulk Importer Plugin up to 1.0 on WordPress cross-site request forgery