CVE-2026-27333
CVE-2026-27333 is a HIGH severity vulnerability with a CVSS score of 8.1. It affects Paid Videochat Turnkey Site versions <= 7.3.23, allowing for Unauthenticated Deserialization of untrusted data.
These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-27333 is a HIGH severity vulnerability with a CVSS score of 8.1. It affects Paid Videochat Turnkey Site versions <= 7.3.23, allowing for Unauthenticated Deserialization of untrusted data.
CVE-2026-27053 is a critical vulnerability with a CVSS score of 9.8, affecting Broadcast Live Video plugin versions prior to 7.1.3. The vulnerability allows for unauthenticated PHP object injection. The CVE was published on 2026-06-15T21:16:40.640Z and last modified on 2026-06-15T21:24:32.790Z.
A Missing Authorization vulnerability (CWE-862) in the Paid Videochat Turnkey Site WordPress plugin allows exploitation of incorrectly configured access control security levels. The vulnerability affects versions from n/a through 7.3.23. The CVSS 3.1 score of 5.3 (MEDIUM) indicates network-accessible attack vector with low attack complexity, no required privileges or user interaction, and low confidential [truncated]
A high-severity code injection vulnerability exists in the Broadcast Live Video WordPress plugin by VideoWhisper.Com. The flaw, rated CVSS 7.2, allows authenticated attackers with high privileges to inject and execute arbitrary code. Affected versions span all releases prior to 7.1.3. The vulnerability was disclosed on 2026-05-25 and last modified on 2026-05-26. No known exploitation in ransomware campaig [truncated]