Cross-Site Request Forgery Issue in VideoWhisper Live Streaming Software
CVE-2025-48255
8.8HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 19 May 2025
What is CVE-2025-48255?
A Cross-Site Request Forgery (CSRF) vulnerability exists in VideoWhisper's Broadcast Live Video software, particularly in versions up to 6.2.4. This flaw allows attackers to trick users into executing unauthorized actions in their live streaming accounts, potentially compromising user data and video content. It is crucial for users to address this issue promptly to safeguard their streaming environments.
Affected Version(s)
Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP <= 6.2.4