Videowhisper

Videowhisper Live Streaming Integration

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-48255

  • EPSS 0.02%
  • Veröffentlicht 19.05.2025 14:44:59
  • Zuletzt bearbeitet 17.07.2025 19:43:10

Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: fro...

8.6

CVE-2025-26752

  • EPSS 0.16%
  • Veröffentlicht 25.02.2025 15:15:23
  • Zuletzt bearbeitet 25.02.2025 15:15:23

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper VideoWhisper Live Streaming Integration allows Path Traversal. This issue affects VideoWhisper Live Streaming Integration: from n/a through 6...

7.5

CVE-2025-26753

  • EPSS 0.21%
  • Veröffentlicht 25.02.2025 15:15:23
  • Zuletzt bearbeitet 25.02.2025 15:15:23

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper VideoWhisper Live Streaming Integration allows Path Traversal. This issue affects VideoWhisper Live Streaming Integration: from n/a through 6...

5.4

CVE-2024-12504

  • EPSS 0.06%
  • Veröffentlicht 23.01.2025 12:15:27
  • Zuletzt bearbeitet 17.07.2025 19:43:26

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_hls' shortcode in all versions up to, and including, 6.1.9 due to insufficient...

9.8

CVE-2023-25699

  • EPSS 1.44%
  • Veröffentlicht 03.04.2024 13:15:59
  • Zuletzt bearbeitet 15.04.2025 21:08:51

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integratio...

6.1

CVE-2014-2297

  • EPSS 0.17%
  • Veröffentlicht 19.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:06:01

Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to ls/htmlchat.php or (2) bgcolor par...

5

CVE-2014-1908

Exploit
  • EPSS 6.37%
  • Veröffentlicht 29.12.2014 20:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct r...

10

CVE-2014-1905

Exploit
  • EPSS 17.96%
  • Veröffentlicht 29.12.2014 20:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and the...

4.3

CVE-2014-4569

Exploit
  • EPSS 0.2%
  • Veröffentlicht 01.07.2014 14:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter.

4.3

CVE-2014-1906

Exploit
  • EPSS 1.22%
  • Veröffentlicht 06.03.2014 15:55:28
  • Zuletzt bearbeitet 03.11.2025 18:53:49

Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) m parameter to lb_status.php; (2) msg para...