Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to ls/htmlchat.php or (2) bgcolor parameter to ls/index.php. NOTE: vector 1 may overlap CVE-2014-1906.4.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-03-19T21:00:00

Updated: 2024-08-06T10:06:00.325Z

Reserved: 2014-03-06T00:00:00

Link: CVE-2014-2297

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-19T21:29:00.270

Modified: 2018-10-09T19:43:13.003

Link: CVE-2014-2297

cve-icon Redhat

No data.