EIP-2026-114172

This is a technical writeup detailing a stored XSS vulnerability in the WordPress plugin 'Videos sync PDF' version 1.7.4. The vulnerability arises from insufficient sanitization of user input in parameters like 'nom', 'pdf', 'mp4', 'webm', and 'ogg', allowing arbitrary JavaScript execution.