Path Traversal Vulnerability in VideoWhisper Live Streaming Integration
CVE-2025-26752

8.6HIGH

Key Information:

Vendor: WordPress
Status: Videowhisper Live Streaming Integration
Vendor: CVE Published:; 25 February 2025

Summary

A Path Traversal vulnerability exists in the VideoWhisper Live Streaming Integration, allowing attackers to access restricted directories and potentially manipulate files outside of the intended directory. This security flaw affects all versions from n/a up to 6.2, posing a significant risk as it enables unauthorized access to sensitive data and file systems within the application.

Affected Version(s)

VideoWhisper Live Streaming Integration <= 6.2

References

https://patchstack.com/database/wordpress/plugin/videowhi...

vdb-entry

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Feb 14, 2025

Credit

muhammad yudha (Patchstack Alliance)