PatchSiren

VideoWhisper.com CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH VideoWhisper.com CVE published 2026-06-15

CVE-2026-27333

CVE-2026-27333 is a HIGH severity vulnerability with a CVSS score of 8.1. It affects Paid Videochat Turnkey Site versions <= 7.3.23, allowing for Unauthenticated Deserialization of untrusted data.

CRITICAL VideoWhisper.com CVE published 2026-06-15

CVE-2026-27053

CVE-2026-27053 is a critical vulnerability with a CVSS score of 9.8, affecting Broadcast Live Video plugin versions prior to 7.1.3. The vulnerability allows for unauthenticated PHP object injection. The CVE was published on 2026-06-15T21:16:40.640Z and last modified on 2026-06-15T21:24:32.790Z.

MEDIUM VideoWhisper.com CVE published 2026-05-26

CVE-2026-24590

A Missing Authorization vulnerability (CWE-862) in the Paid Videochat Turnkey Site WordPress plugin allows exploitation of incorrectly configured access control security levels. The vulnerability affects versions from n/a through 7.3.23. The CVSS 3.1 score of 5.3 (MEDIUM) indicates network-accessible attack vector with low attack complexity, no required privileges or user interaction, and low confidential [truncated]

HIGH VideoWhisper.com CVE published 2026-05-25

CVE-2026-24937

A high-severity code injection vulnerability exists in the Broadcast Live Video WordPress plugin by VideoWhisper.Com. The flaw, rated CVSS 7.2, allows authenticated attackers with high privileges to inject and execute arbitrary code. Affected versions span all releases prior to 7.1.3. The vulnerability was disclosed on 2026-05-25 and last modified on 2026-05-26. No known exploitation in ransomware campaig [truncated]