MEDIUM
A J Evolution
CVE published 2026-05-10
CVE-2022-50949
CVE-2022-50949 is a stored cross-site scripting issue in the WordPress plugin Videos sync PDF 1.7.4. According to the supplied CVE description and NVD record, authenticated attackers can inject malicious script content through unsanitized nom, pdf, mp4, webm, and ogg parameters, with the payload later executed when an administrator views or edits video settings. The provided NVD data marks the issue as CW [truncated]