Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-1869: YourChannel: Everything you want in a YouTube plugin.

The YourChannel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE
#xss#web#wordpress#auth
  • Details
  • Reviews
  • Development

This plugin has been closed as of April 4, 2023 and is not available for download. This closure is temporary, pending a full review.

One of the things I value the most is Support. In the beginning, the support was instant but I’ve been waiting for a response to a mail for two weeks now 🙁 Been sending follow up mails and they are also not answered. I will gladly change my Review if I keep getting the support everytime I need it and not just initially when you buy the plugin.

Simple to use and I like the available options

Même en version gratuite, ce plugin est parfait et fort utile!

Thank you for taking the time to create such an awesome plugin 🙂 really helped me show my channel easily

I can’t pay for Premium version with PayPal, Could u Please help me ?

Great plugin and easy to shortcode but are this limited video channel shows and where the youtube chatting room? can you update one.

Read all 71 reviews

“YourChannel: Everything you want in a YouTube plugin.” is open source software. The following people have contributed to this plugin.

Contributors

  • plugin.builders

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda