Youtube Embed Plus

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-39485 MEDIUM This Month

Missing authorization in embedplus Youtube Embed Plus plugin versions up to 14.2.4 allows authenticated users to access restricted functionality through incorrectly configured access controls, resulting in limited information disclosure. The vulnerability affects all installations of Youtube Embed Plus from version 0 through 14.2.4, requires authenticated access (PR:L), and carries low real-world risk with EPSS score of 0.02% (4th percentile) despite CVSS 4.3 rating.

Authentication Bypass Youtube Embed Plus

NVD

CVSS 3.1

4.3

EPSS

0.0%

CVE-2026-39485

EPSS 0% CVSS 4.3

MEDIUM This Month

Missing authorization in embedplus Youtube Embed Plus plugin versions up to 14.2.4 allows authenticated users to access restricted functionality through incorrectly configured access controls, resulting in limited information disclosure. The vulnerability affects all installations of Youtube Embed Plus from version 0 through 14.2.4, requires authenticated access (PR:L), and carries low real-world risk with EPSS score of 0.02% (4th percentile) despite CVSS 4.3 rating.

Authentication Bypass Youtube Embed Plus

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy