cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2014-2297,https://securityvulnerability.io/vulnerability/CVE-2014-2297,,Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to ls/htmlchat.php or (2) bgcolor parameter to ls/index.php.  NOTE: vector 1 may overlap CVE-2014-1906.4.,Wordpress,Videowhisper Live Streaming Integration,6.1,MEDIUM,0.0013099999632686377,false,,false,false,false,,false,false,2018-03-19T21:00:00.000Z,0
CVE-2014-1908,https://securityvulnerability.io/vulnerability/CVE-2014-1908,,"The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.",Wordpress,Videowhisper Live Streaming Integration,,,0.006140000186860561,false,,false,false,false,,false,false,2014-12-29T20:00:00.000Z,0
CVE-2014-1905,https://securityvulnerability.io/vulnerability/CVE-2014-1905,,"Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a direct request to a wp-content/plugins/videowhisper-live-streaming-integration/ls/snapshots/ pathname, as demonstrated by a .php.jpg filename.",Wordpress,Videowhisper Live Streaming Integration,,,0.007060000207275152,false,,false,false,false,,false,false,2014-12-29T20:00:00.000Z,0
CVE-2014-4569,https://securityvulnerability.io/vulnerability/CVE-2014-4569,,Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter.,Wordpress,Videowhisper Live Streaming Integration,,,0.0017000000225380063,false,,false,false,false,,false,false,2014-07-01T14:00:00.000Z,0