GHSA-rqch-mf8g-6cqrMediumCVSS 4.3

The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in...

Published
July 11, 2026
Last Modified
July 11, 2026

🔗 CVE IDs covered (1)

📋 Description

The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the muxvideo_enqueue_settings_script. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive data including Mux API credentials.

🔗 References (8)