Cross-Site Scripting Vulnerability in Ryan Burnette Video Embeds Plugin by WordPress
CVE-2025-49429
6.5MEDIUM
What is CVE-2025-49429?
A Cross-Site Scripting (XSS) vulnerability exists in the Ryan Burnette Video Embeds plugin, allowing attackers to inject malicious scripts into web pages viewed by users. This vulnerability affects versions ranging from n/a up to 0.1.1, opening possibilities for stored XSS attacks that can compromise user data and site integrity. Ensuring timely updates of the plugin is critical for maintaining site security.
Affected Version(s)
Video Embeds <= 0.1.1