CVE-2025-62142

Name of the Vulnerable Software and Affected Versions Cincopa video and media plugin versions through 1.163

Description The Cincopa video and media plugin contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages and executed by unsuspecting users. The affected plugin is used for embedding video and media content. The vulnerability allows an attacker to inject malicious code that could compromise user accounts or deface websites.

Recommendations Update to a version beyond 1.163. At the moment, there is no information about a newer version that contains a fix for this vulnerability.