212 matches found
CVE-2026-24590
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
CVE-2026-24937
Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...
CVE-2026-24590
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
CVE-2026-24590
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
CVE-2026-24590
The CVE-2026-24590 entry affects the WordPress plugin “Paid Videochat Turnkey Site” (versions up to and including 7.3.23). Root cause: Missing/incorrect authorization allows Broken Access Control. Impact, per the provided metrics, is low confidentiality impact and no integrity/availability impact...
CVE-2026-24590 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
PT-2026-43200
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
CVE-2026-24937
Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...
CVE-2026-24937
Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...
CVE-2026-24937
CVE-2026-24937 covers a Remote Code Execution in the VideoWhisper WordPress Broadcast Live Video plugin (versions before 7.1.3). The root cause is Improper Control of Generation of Code (Code Injection) in the Broadcast Live Video component, exposed via the plugin before version 7.1.3. Public ref...
CVE-2026-24937 WordPress Broadcast Live Video plugin < 7.1.3 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...
PT-2026-43143
Name of the Vulnerable Software and Affected Versions Broadcast Live Video versions prior to 7.1.3 Description Improper Control of Generation of Code allows for Code Injection, which can lead to Remote Code Execution RCE, a state where an attacker can execute arbitrary commands on the target...
CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2023-25699
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15...
CVE-2025-62959
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...
EUVD-2025-35984
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...
CVE-2025-62959
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...
PT-2025-43833
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.22...
EUVD-2014-4496
Malware in sbrugna...