Mdc Youtube Downloader Project: Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan MDC YouTube Downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-01-16
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmul Ahsan MDC YouTube Downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-11-19
Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php.
CVSS Score
7.5
EPSS Score
0.491
Published
2017-05-23