Vulnerability Details CVE-2014-1908
The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.5%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2014-1908
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:1.0.2
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:2.0
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:2.1
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:2.2
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.0.5
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.0.7
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.25
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.27
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.27.2
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.27.3
-
cpe:2.3:a:videowhisper:videowhisper_live_streaming_integration:4.27.4