{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T01:42:21.944","vulnerabilities":[{"cve":{"id":"CVE-2025-27298","sourceIdentifier":"audit@patchstack.com","published":"2025-02-24T15:15:15.703","lastModified":"2026-04-01T17:19:26.540","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Request Forgery (CSRF) vulnerability in cmstactics WP Video Posts wp-video-posts allows OS Command Injection.This issue affects WP Video Posts: from n\/a through <= 3.5.1."},{"lang":"es","value":" La vulnerabilidad de Cross-Site Request Forgery (CSRF) en WP Video Posts de cmstactics permite la inyección de comandos del sistema operativo. Este problema afecta a WP Video Posts: desde n\/a hasta 3.5.1."}],"metrics":{},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https:\/\/patchstack.com\/database\/Wordpress\/Plugin\/wp-video-posts\/vulnerability\/wordpress-wp-video-posts-plugin-3-5-1-csrf-to-remote-code-execution-rce-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}