CVE-2023-25699

WordPress VideoWhisper Live Streaming Integration plugin <= 5.5.15 - Remote Code Execution (RCE)

CVSS 9 CRITICALEPSS 1.3%CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected products

VideoWhisper.com · VideoWhisper Live Streaming Integration

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://patchstack.com/database/vulnerability/videowhisper-live-streaming-integration/wordpress-broadcast-live-video-live-streaming-html5-webrtc-hls-rtsp-rtmp-plugin-5-5-15-remote-code-execution-rce?_s_id=cve