Wp Plugin Video Comments Webcam Recorder

Plugin Details

Plugin Name: wp-plugin : video-comments-webcam-recorder
Effected Version : 1.55 (and most probably lower version's if any)
Vulnerability : Cross-Site Scripting (XSS)
Minimum Level of Access Required : Unauthenticated
CVE Number : CVE-2014-4567
Identified by : Anantshri
WPScan Reference URL

Disclosure Timeline

Technical Details


//   Vulnerable Parameter : message   Trac Log : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=839986%40video-comments-webcam-recorder&old=686438%40video-comments-webcam-recorder Note : This plugin was updated in place which means those who downloaded this version from the time of release till the fix was applied are all vulnerable however after fix date any download is patched.