WordPress Embedded Video Plugin <= 4.1 - XSS

Because of this vulnerability in lembedded-video.php, the attackers can inject arbitrary web script or HTML via the “content” parameter to wp-admin/post.php.

Solution

           Update the plugin.