QwikSec

Security Database

CVE

CWE

Training

CVE-2025-49061

Published: Aug 14, 2025

Modified: Apr 28, 2026

PUBLISHED

CVSS v3.1

6.5

MEDIUM

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perteus Porn Videos Embed porn-videos-embed allows Stored XSS.This issue affects Porn Videos Embed: from n/a through <= 0.9.1.

Vendor	Product	Versions
perteus	Porn Videos Embed	affected `0 - <= 0.9.1`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://patchstack.com/database/Wordpress/Plugin/porn-videos-embed/vulnerability/wordpress-porn-videos-embed-plugin-0-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve

vdb-entry

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.