CVE-2025-31008

Name of the Vulnerable Software and Affected Versions: YouTube Embed versions n/a through 5.3.1

Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS). Specifically, it is a Stored XSS vulnerability in the YouTube Embed Plugin Support, which allows malicious input to be stored and executed.

Recommendations: For versions n/a through 5.3.1, update to a version later than 5.3.1 to resolve the issue. As a temporary workaround, consider restricting access to the YouTube Embed Plugin Support until a patch is available.