2 results (0.006 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

The Video Posts Webcam Recorder WordPress plugin before 3.2.4 has an authenticated reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos. El plugin Video Posts Webcam Recorder WordPress versiones anteriores a 3.2.4, presenta una vulnerabilidad de tipo cross site scripting (XSS) reflejado y autenticado en una de las funciones administrativas para manejar la eliminación de vídeos. The Video Posts Webcam Recorder WordPress plugin before 3.2.4 has a reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos. • https://wpscan.com/vulnerability/458a576e-a7ed-4758-a80c-cd08c370aaf4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. Vulnerabilidad de XSS en posts/videowhisper/r_logout.php en el plugin Video Posts Webcam Recorder 1.55.4 y anteriores para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro message. • http://codevigilant.com/disclosure/wp-plugin-video-posts-webcam-recorder-a3-cross-site-scripting-xss https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=839990%40video-posts-webcam-recorder&old=686450%40video-posts-webcam-recorder&sfp_email=&sfph_mail= • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •