CVE-2024-49235

HIGH

VideoWhisper.Com - Info Disclosure

Title source: llm

Description

Insertion of Sensitive Information Into Sent Data vulnerability in VideoWhisper.Com Contact Forms, Live Support, CRM, Video Messages allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through 1.10.2.

References (1)

[Third Party Advisory] https://patchstack.com/database/vulnerability/live-support-tickets/wordpress-contact-forms-live-support-crm-video-messages-plugin-1-10-2-sensitive-data-exposure-vulnerability?_s_id=cve

Scores

CVSS v3 7.5

EPSS 0.0084

EPSS Percentile 74.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-201

Status draft

Timeline

Published Oct 17, 2024

Tracked Since Feb 18, 2026