CVE-2021-24512

Name of the Vulnerable Software and Affected Versions Video Posts Webcam Recorder WordPress plugin versions prior to 3.2.4

Description The issue is an authenticated reflected cross site scripting (XSS) vulnerability in one of the administrative functions for handling deletion of videos. This means that an attacker could potentially inject malicious code into the website, which would then be executed by the user's browser, allowing the attacker to steal user data or take control of the user's session.

Recommendations For versions prior to 3.2.4, update to version 3.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative functions for handling video deletion until the update is applied.