Live Streaming Integration Plugin
Approved changes feed: RSS · Atom
cpe:2.3:a:videowhisper:live_streaming_integration_plugin:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Videowhisper (3fa34018-7a89-5b29-a930-e9dcfd4be8ec) |
|---|---|
| Product | Live Streaming Integration Plugin (dc1f6e33-61fd-54b3-b710-353a192515f2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/ashishnigam/videowhisper-live-streaming-integration |
purl2cpe | 2026-06-01 10:13:29.077615 |
pkg:github/wp-plugins/videowhisper-live-streaming-integration |
purl2cpe | 2026-06-01 10:13:29.077617 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-25699 |
vulnerable | 2026-06-03 14:49:33.296323 |
WordPress VideoWhisper Live Streaming Integration plugin <= 5.5.15 - Remote Code Execution (RCE)
CRITICAL (9)
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15.
Published: 2024-04-03T12:22:14.850Z
Updated: 2026-04-28T16:08:09.593Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1907 |
vulnerable | 2026-06-03 14:33:48.965565 |
Details available
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_logout.php.
Published: 2014-03-06T15:00:00.000Z
Updated: 2024-08-06T09:58:16.012Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1906 |
vulnerable | 2026-06-03 14:33:48.955576 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) m parameter to lb_status.php; (2) msg parameter to vc_chatlog.php; n parameter to (3) channel.php, (4) htmlchat.php, (5) video.php, or (6) videotext.php; (7) message parameter to lb_logout.php; or ct parameter to (8) lb_status.php or (9) v_status.php in ls/.
Published: 2014-03-06T15:00:00.000Z
Updated: 2024-08-06T09:58:15.610Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-5714 |
vulnerable | 2026-06-03 14:33:22.891402 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter. NOTE: some of these details are obtained from third party information.
Published: 2013-09-09T17:00:00.000Z
Updated: 2024-09-17T01:41:10.859Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.