Sensitive Information Injection Vulnerability Affects VideoWhisper.Com Products
CVE-2024-49235
7.5HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 17 October 2024
What is CVE-2024-49235?
The vulnerability stems from a flaw in VideoWhisper.com’s suite of products, specifically the Contact Forms, Live Support, CRM, and Video Messages. This issue permits the retrieval of sensitive information embedded within sent data, potentially exposing users to security risks. It affects versions up to 1.10.2 and highlights the importance of adequate information handling and protection measures within these applications.
Affected Version(s)
Contact Forms, Live Support, CRM, Video Messages <= 1.10.2