Videowhisper Live Streaming Integration@* Security Vulnerabilities and Issues — Videowhisper Live Streaming Integration@* CVE List

Lucene search

VideowhisperVideowhisper Live Streaming Integration*

8 matches found

CVE•added 2024/04/03 1:15 p.m.•52 views

CVE-2023-25699

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15.

9.8CVSS9.3AI score0.01061EPSS

CVE•added 2025/02/25 3:15 p.m.•50 views

CVE-2025-26752

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper VideoWhisper Live Streaming Integration allows Path Traversal. This issue affects VideoWhisper Live Streaming Integration: from n/a through 6.2.

8.6CVSS6.9AI score0.00075EPSS

CVE•added 2025/01/23 12:15 p.m.•48 views

CVE-2024-12504

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_hls' shortcode in all versions up to, and including, 6.1.9 due to insufficient input sanitization and output escaping on user s...

6.4CVSS5.7AI score0.00026EPSS

CVE•added 2014/12/29 8:59 p.m.•47 views

CVE-2014-1908

The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error m...

5CVSS6.1AI score0.06369EPSS

CVE•added 2014/12/29 8:59 p.m.•46 views

CVE-2014-1905

Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a direct request to a wp...

10CVSS9.6AI score0.17963EPSS

CVE•added 2025/02/25 3:15 p.m.•42 views

CVE-2025-26753

7.5CVSS6.9AI score0.00093EPSS

CVE•added 2014/07/01 2:55 p.m.•30 views

CVE-2014-4569

Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter.

4.3CVSS6AI score0.00197EPSS

CVE•added 2025/05/19 3:15 p.m.•22 views

CVE-2025-48255

Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: from n/a through 6.2.4.

8.8CVSS4.7AI score0.00022EPSS