Browse all 25 CVE security advisories affecting videowhisper. AI-powered Chinese analysis, POCs, and references for each vulnerability.
VideoWhisper is a software provider specializing in video conferencing and remote collaboration solutions, primarily targeting enterprise and educational sectors. Security audits have identified twenty-five distinct Common Vulnerabilities and Exposures (CVEs) associated with its platform, indicating a significant historical attack surface. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and Privilege Escalation flaws. These defects often stem from inadequate input validation and improper access control mechanisms within the application’s web interface and API endpoints. Notable incidents involve attackers exploiting unpatched RCE vulnerabilities to gain unauthorized administrative access, leading to potential data exfiltration and service disruption. The company has released multiple patches to address these critical issues, yet the high volume of recorded CVEs suggests ongoing challenges in maintaining robust security hygiene across its product suite.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31075 | WordPress MicroPayments plugin <= 2.9.29 - Cross Site Scripting (XSS) vulnerability — MicroPaymentsCWE-80 | 6.5 | Medium | 2025-03-28 |
| CVE-2025-26579 | WordPress MicroPayments Paid Membership plugin <= 3.2.4 - Reflected Cross-Site Scripting vulnerability — MicroPaymentsCWE-79 | 7.1 | High | 2025-03-26 |
This page lists every published CVE security advisory associated with videowhisper. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.