ThreatPress

WordPress Vulnerabilities Database

Back

WordPress VideoWhisper Plugin 4.27.3 - Multiple Vulnerabilities

Product
VideoWhisper
Description
VideoWhisper plugin is prone to multiple vulnerabilities, such as arbitrary file upload and cross-site scripting (XSS) and information exposure through externally-generated error message in VideoWhisper Live Streaming Integration: CVE-2014-1908.
Solution
Upgrade to VideoWhisper Live Streaming Integration version 4.29.5.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-2014-1905
Versions
Affected In <= 4.27.3
Fixed In 4.27.4
Disclosure date
2014-02-28
Credits
High-Tech Bridge SA