WordPress Plugin Vulnerabilities

Video Posts Webcam Recorder < 1.55.5 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The Video Posts Webcam Recorder WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
video-posts-webcam-recorder
Fixed in 1.55.5

References

CVE
CVE-2014-4568
URL
https://codevigilant.com/disclosure/wp-plugin-video-posts-webcam-recorder-a3-cross-site-scripting-xss/
URL
https://plugins.trac.wordpress.org/changeset/839990

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Anant Shrivastava
Verified
No
WPVDB ID
6ee27cef-6ae1-43d6-bdff-318f066e10e5

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-12-14 (about 5 years ago)

Other

Published
Title
Published
2025-12-01
Title
WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) < 4.0.0 - Unauthenticated Stored Cross-Site Scripting via External Content Import
Published
2024-05-22
Title
iframe < 5.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode
Published
2022-12-29
Title
Top 10 < 3.2.3 - Contributor+ Stored XSS
Published
2023-01-03
Title
Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
Published
2022-12-23
Title
Real Cookie Banner < 3.4.10 - Contributor+ Stored XSS