WordPress Plugin Vulnerabilities

VideoWhisper Live Streaming Integration 4.27.3 - Multiple Vulnerabilities

Description

The plugin was affected by multiple security issues, such as:

- Arbitrary File Upload
- Cross-Site Scripting
- Path Traversal
- Information Exposure Through Externally-Generated Error Message

Affects Plugins

Plugin icon
videowhisper-live-streaming-integration
Fixed in 4.29.5

References

CVE
CVE-2014-1905
CVE
CVE-2014-1907
CVE
CVE-2014-1908
CVE
CVE-2014-1906
URL
https://www.immuniweb.com/advisory/HTB23199

Miscellaneous

Verified
No
WPVDB ID
3dcae987-2e98-41a9-bcf0-2c9cf52594e7

Timeline

Publicly Published
2014-02-27 (about 12 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2021-04-13 (about 5 years ago)

Other

Published
Title
Published
2019-01-10
Title
Ninja Forms < 3.3.21.3 - XSS and SQLi
Published
2015-09-17
Title
ALO EasyMail Newsletter <= 2.6.00 - Cross-Site Scripting (XSS) & CSRF
Published
2014-08-01
Title
Spider Calendar 1.3.0 - Multiple Vulnerabilities
Published
2019-06-09
Title
Download Manager <= 2.9.96 - Various Sanitisation Issues
Published
2016-10-18
Title
InPost Gallery <= 2.1.2 - LFI & Authenticated Stored XSS