CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

198 matches found

RedhatCVE•added 2025/02/27 2:28 p.m.•9 views

CVE-2025-26752

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

8.6CVSS7.2AI score0.00296EPSS

Exploits0References1

RedhatCVE•added 2025/02/27 2:24 p.m.•7 views

CVE-2025-26753

7.5CVSS7.2AI score0.0026EPSS

Exploits0References1

RedhatCVE•added 2025/02/26 3:29 p.m.•10 views

CVE-2025-27327

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Winlin Live Streaming Video Player – by SRS Player srs-player allows DOM-Based XSS.This issue affects Live Streaming Video Player – by SRS Player: from n/a through = 1.0.18...

6.5CVSS7.2AI score0.00178EPSS

Exploits0References1

NVD•added 2025/02/25 3:15 p.m.•5 views

CVE-2025-26753

7.5CVSS0.0026EPSS

Exploits0References1

NVD•added 2025/02/25 3:15 p.m.•5 views

CVE-2025-26752

8.6CVSS0.00296EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•8 views

CVE-2025-26753 WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerability

7.5CVSS8.6AI score0.0026EPSS

Exploits0References1

CVE•added 2025/02/25 2:17 p.m.•48 views

CVE-2025-26753

CVE-2025-26753 describes an Arbitrary File Download vulnerability in WordPress VideoWhisper Live Streaming Integration plugin, affecting versions n/a through 6.2. The issue stems from improper restriction of a pathname, enabling path traversal and potential unauthorized file access. Public refere...

7.5CVSS7.2AI score0.0026EPSS

Exploits0References1

CVE•added 2025/02/25 2:17 p.m.•56 views

CVE-2025-26752

CVE-2025-26752 describes a path traversal vulnerability in the WordPress plugin VideoWhisper Live Streaming Integration (versions n/a through 6.2). The root cause is improper limitation of a pathname to a restricted directory, enabling traversal to unrelated files. Public reports across multiple ...

8.6CVSS7.2AI score0.00296EPSS

Exploits0References1

Cvelist•added 2025/02/25 2:17 p.m.•13 views

CVE-2025-26753 WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerability

7.5CVSS0.0026EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•8 views

CVE-2025-26752 WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerability

8.6CVSS8.5AI score0.00296EPSS

Exploits0References1

CNNVD•added 2025/02/25 12:0 a.m.•1 views

WordPress plugin VideoWhisper Live Streaming Integration 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

7.5CVSS8.3AI score0.0026EPSS

Exploits0References2

Positive Technologies•added 2025/02/25 12:0 a.m.•1 views

PT-2025-7827 · Unknown · Videowhisper Live Streaming Integration

Name of the Vulnerable Software and Affected Versions: VideoWhisper Live Streaming Integration versions n/a through 6.2 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows unauthorized access to files and...

8.6CVSS9.5AI score0.00296EPSS

Exploits0References5

NVD•added 2025/02/24 3:15 p.m.•5 views

CVE-2025-27327

6.5CVSS0.00178EPSS

Exploits0References1

Patchstack•added 2025/02/24 3:13 p.m.•1 views

WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Live Streaming Video Player – by SRS Player versions = 1.0.18...

6.5CVSS6.1AI score0.00178EPSS

Exploits0Affected Software1

Cvelist•added 2025/02/24 2:49 p.m.•13 views

CVE-2025-27327 WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00178EPSS

Exploits0References1

CVE•added 2025/02/24 2:49 p.m.•65 views

CVE-2025-27327

CVE-2025-27327 refers to a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Live Streaming Video Player – by SRS Player (versions

6.5CVSS7.2AI score0.00178EPSS

Exploits0References1

Vulnrichment•added 2025/02/24 2:49 p.m.•11 views

CVE-2025-27327 WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

6.5CVSS8.6AI score0.00178EPSS

Exploits0References1

Positive Technologies•added 2025/02/24 12:0 a.m.•1 views

PT-2025-7748

Name of the Vulnerable Software and Affected Versions Live Streaming Video Player – by SRS Player versions 1.0.18 and earlier Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS...

6.5CVSS8.2AI score0.00178EPSS

Exploits0References6

CNNVD•added 2025/02/24 12:0 a.m.•1 views

WordPress plugin Live Streaming Video Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

6.5CVSS7.6AI score0.00178EPSS

Exploits0References2

Patchstack•added 2025/02/14 3:10 p.m.•1 views

WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Broadcast Live Video versions = 6.2...

8.6CVSS7AI score0.00296EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by