Filter
AND

Software

bplugins html5 audio player
3
bplugins html5 video player
3
bplugins document embedder
2
bplugins alert box block
1
bplugins all embed – elementor addons
1
bplugins button block
1
bplugins easy twitter feed
1
bplugins polo video gallery
1
bplugins streamcast
1
bplugins timeline block
1

bPlugins Timeline BlockWordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2025-26754

WordPress Alert Box BlockWordPress Alert Box Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

medium
6.5
First published (updated )
CVE-2025-22675

bPlugins All Embed – Elementor AddonsWordPress All Embed – Elementor Addons plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2025-24595

bPlugins Button BlockWordPress Button Block plugin <= 1.1.5 - Broken Access Control vulnerability

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2025-22787

Bplugins Html5 Video PlayerHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler

medium
5.3
EPSS
0.05%
First published (updated )
CVE-2024-7727

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Bplugins Html5 Video PlayerHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.34 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

medium
4.3
EPSS
0.05%
First published (updated )
CVE-2024-7721

Bplugins Html5 Audio PlayerWordPress HTML5 Audio Player plugin <= 2.2.23 - Cross Site Scripting (XSS) vulnerability

medium
6.5
First published (updated )
CVE-2024-37445

Bplugins Html5 Video PlayerHtml5 Video Player < 2.5.19 - Subscriber+ Stored XSS

medium
5.4
EPSS
0.04%
First published (updated )
CVE-2023-6485

Bplugins Html5 Audio PlayerHtml5 Audio Player < 2.1.12 - Contributor+ Stored XSS

medium
5.4
First published (updated )
CVE-2023-0170

Bplugins Document EmbedderDocument Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure

medium
4.3
First published (updated )
CVE-2021-24868

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Bplugins Document EmbedderDocument Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure

medium
5.3
First published (updated )
CVE-2021-24775

bPlugins StreamCastStreamCast < 2.1.1 - Contributor+ Stored Cross-Site Scripting

medium
5.4
First published (updated )
CVE-2021-24416

Bplugins Polo Video GalleryPolo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting

medium
5.4
First published (updated )
CVE-2021-24415

Bplugins Easy Twitter FeedEasy Twitter Feed < 1.2 - Contributor+ Stored Cross-Site Scripting

medium
5.4
First published (updated )
CVE-2021-24413

Bplugins Html5 Audio PlayerHtml5 Audio Player < 2.1.3 - Contributor+ Stored Cross-Site Scripting

medium
5.4
First published (updated )
CVE-2021-24412

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203