Primary

Context

Videowhisper Paid Videochat Turnkey Site Weak Password Recovery Vulnerability

Vulnerability

A vulnerability exists in the Videowhisper Paid Videochat Turnkey Site, specifically in versions through 7.3.11, due to a weak password recovery mechanism. This flaw allows for the exploitation of password recovery processes, potentially leading to unauthorized access.

Impact

Exploitation of this vulnerability could allow attackers to bypass authentication mechanisms, gaining access to user accounts or administrative privileges on the site.

Remediation

Users of the Videowhisper Paid Videochat Turnkey Site should update to version 7.3.12 or later to address this vulnerability. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Videowhisper Paid Videochat Turnkey Site Weak Password Recovery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating