cleantalk
Vulnerabilities and Security Researches

Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP, CVE-2014-1907

CVE, Research URL

CVE-2014-1907

Home page URL

Security reports for Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP

Application

Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP

Published on
Mar 06, 2014
Research Description
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_logout.php.
Affected versions
Min -, max 4.29.5.
Status
vulnerable
Previous vulnerability researches
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2025-48255) , Jun 04, 2025
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2023-25699) , Jun 07, 2024
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2014-2297) , Jun 07, 2024
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2014-1908) , Jun 07, 2024
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2014-1905) , Jun 07, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025