WordPress Video Player Plugin <= 1.5.22 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-45632
7.1HIGH
What is CVE-2023-45632?
The WebDorado SpiderVPlayer plugin prior to version 1.5.22 is susceptible to an unauthenticated reflected cross-site scripting vulnerability. This flaw permits attackers to inject malicious scripts into web pages, compromising user data and potentially leading to session hijacking or phishing attacks. Site owners using affected versions should update the plugin immediately to mitigate risk and enhance security.
Affected Version(s)
SpiderVPlayer <= 1.5.22