7 matches found
WordPress HTML5 Video Player < 2.5.27 - SQL Injection
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks id: CVE-2024-5522 info: name: WordPress HTML5 Video Player 2.5.27 - SQL Injection...
Exploit for SQL Injection in Bplugins Html5_Video_Player
CVE-2024-5522-PoC : HTML5 Video Player 2.5.27 - Unauthentica...
CVE-2024-5522
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
Exploit for SQL Injection in Bplugins Html5_Video_Player
CVE-2024-5522-Poc CVE-2024-5522 HTML5 Video Player = 2.5.2...
WordPress Flash & HTML5 Video Plugin < 2.5.27 is vulnerable to SQL Injection
Software Flash & HTML5 Video Type Plugin Vulnerable versions 2.5.27 Fixed in 2.5.27 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5522 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID a6949d7fc215 Credits Mayank Deshmukh Required privilege...