← back
CVE-2021-24512

Video Posts Webcam Recorder < 3.2.4 - Authenticated Reflected XSS

EPSS 0.6%CWE-79
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Video Posts Webcam Recorder WordPress plugin before 3.2.4 has an authenticated reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos.