Vulnerabilities > Videowhisper > Video Presentation > 3.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-07-02 | CVE-2014-4570 | Cross-Site Scripting vulnerability in Videowhisper Video Presentation 3.25 Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in vp/. | 4.3 |