Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videowhisper vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-4570
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin prior to 3.31 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in v...
Videowhisper Video Presentation
7.5
CVSSv2
CVE-2015-9271
The VideoWhisper videowhisper-video-conference-integration plugin 4.91.8 for WordPress allows remote malicious users to execute arbitrary code because vc/vw_upload.php considers a file safe when "html" are the last four characters, as demonstrated by a .phtml file conta...
Videowhisper Video Conference 4.91.8
7.5
CVSSv2
CVE-2015-9272
The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote malicious users to execute arbitrary code because vp/vw_upload.php considers a file safe when "html" are the last four characters, as demonstrated by a .phtml file containing PHP code.
Videowhisper Video Presentation 3.31.17
NA
CVE-2023-52213
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.This issue affects Rate Star Review – AJAX Reviews for Cont...
Videowhisper Rate Star Review
4.3
CVSSv2
CVE-2014-4568
Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
Videowhisper Video Posts Webcam Recorder
4.3
CVSSv2
CVE-2014-8338
Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote malicious users to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter.
Videowhisper Webcam 7.x-1.7
3.5
CVSSv2
CVE-2021-24512
The Video Posts Webcam Recorder WordPress plugin prior to 3.2.4 has an authenticated reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos.
Videowhisper Video Posts Webcam Recorder
4.3
CVSSv2
CVE-2014-4567
Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded prior to 20140116 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
Videowhisper Video Comments Webcam Recorder
4.3
CVSSv2
CVE-2021-34656
The 2Way VideoCalls and Random Chat - HTML5 Webcam Videochat WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `vws_notice` function found in the ~/inc/requirements.php file which allows malicious users to inject arbitrary web scripts, in versions up to and...
Videowhisper 2way Videocalls And Random Chat
NA
CVE-2014-19062
VideoWhisper Live Streaming Integration version 4.27.3 suffers from cross site scripting, remote shell upload, information exposure, and path traversal vulnerabilities.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »