CVE-2026-24937

HIGH7.2Remote code exec

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

VideoWhisper.com / Broadcast Live Videon/a – 7.1.3

References

MISChttps://patchstack.com/database/wordpress/plugin/videowhisper-live-streaming-integration/vulnerability/wordpress-broadcast-live-video-plugin-7-1-3-remote-code-execution-rce-vulnerability?_s_id=cve