Cross-Site Scripting Vulnerability in Video Posts Webcam Recorder Plugin for WordPress

CVE-2014-4568

What is CVE-2014-4568?

A cross-site scripting (XSS) vulnerability exists in the Video Posts Webcam Recorder plugin for WordPress, specifically in the r_logout.php script. This flaw allows remote attackers to inject arbitrary web scripts or HTML through the 'message' parameter. Successful exploitation can lead to various malicious activities, such as session hijacking or redirection to malicious sites, posing a significant threat to user data and application security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References