The plugin called Videopack, used for WordPress websites, has a security issue called Stored Cross-Site Scripting. This means that in versions 4.10.3 and below, there is not enough protection for the information being entered and displayed, making it possible for attackers who are logged in with contributor-level access or higher to add harmful code to pages that will run when a user visits the page.