Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videowhisper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25699
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a up to an...
NA
CVE-2023-52213
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.This issue affects Rate Star Review – AJAX Reviews for Cont...
Videowhisper Rate Star Review
6.8
CVSSv2
CVE-2022-27629
Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions before 1.9.6 allows a remote unauthenticated malicious user to hijack the authentication of an administrator and perform unintended op...
Videowhisper Micropayments
4.3
CVSSv2
CVE-2021-34656
The 2Way VideoCalls and Random Chat - HTML5 Webcam Videochat WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `vws_notice` function found in the ~/inc/requirements.php file which allows malicious users to inject arbitrary web scripts, in versions up to and...
Videowhisper 2way Videocalls And Random Chat
3.5
CVSSv2
CVE-2021-24512
The Video Posts Webcam Recorder WordPress plugin prior to 3.2.4 has an authenticated reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos.
Videowhisper Video Posts Webcam Recorder
4.3
CVSSv2
CVE-2014-8338
Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote malicious users to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter.
Videowhisper Webcam 7.x-1.7
4.3
CVSSv2
CVE-2014-4567
Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded prior to 20140116 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
Videowhisper Video Comments Webcam Recorder
7.5
CVSSv2
CVE-2015-9272
The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote malicious users to execute arbitrary code because vp/vw_upload.php considers a file safe when "html" are the last four characters, as demonstrated by a .phtml file containing PHP code.
Videowhisper Video Presentation 3.31.17
7.5
CVSSv2
CVE-2015-9271
The VideoWhisper videowhisper-video-conference-integration plugin 4.91.8 for WordPress allows remote malicious users to execute arbitrary code because vc/vw_upload.php considers a file safe when "html" are the last four characters, as demonstrated by a .phtml file conta...
Videowhisper Video Conference 4.91.8
4.3
CVSSv2
CVE-2014-2297
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) n parameter to ls/htmlchat.php or (2) bgcolor parameter to ls/index.php. ...
Videowhisper Videowhisper Live Streaming Integration 4.29.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »