Public CVE-2025-56694 disclosure

Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes