Lucene search
K

7 matches found

Nuclei
Nuclei
added yesterday166 views

WordPress HTML5 Video Player < 2.5.27 - SQL Injection

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks id: CVE-2024-5522 info: name: WordPress HTML5 Video Player 2.5.27 - SQL Injection...

6.5CVSS6.1AI score0.02618EPSS
Exploits6References2
GithubExploit
GithubExploit
added 2024/09/11 4:46 a.m.522 views

Exploit for SQL Injection in Bplugins Html5_Video_Player

CVE-2024-5522-PoC : HTML5 Video Player 2.5.27 - Unauthentica...

6.5CVSS7.1AI score0.02618EPSS
Exploits6
OSV
OSV
added 2024/06/20 6:15 a.m.5 views

CVE-2024-5522

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

6.5CVSS5.8AI score0.02618EPSS
Exploits6References1
Vulnrichment
Vulnrichment
added 2024/06/20 6:0 a.m.25 views

CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

7.6AI score0.02618EPSS
Exploits6References1
Cvelist
Cvelist
added 2024/06/20 6:0 a.m.49 views

CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

0.02618EPSS
Exploits6References1
GithubExploit
GithubExploit
added 2024/05/31 4:41 a.m.772 views

Exploit for SQL Injection in Bplugins Html5_Video_Player

CVE-2024-5522-Poc CVE-2024-5522 HTML5 Video Player = 2.5.2...

6.5CVSS7.2AI score0.02618EPSS
Exploits6
Patchstack
Patchstack
added 2024/05/31 12:0 a.m.24 views

WordPress Flash & HTML5 Video Plugin < 2.5.27 is vulnerable to SQL Injection

Software Flash & HTML5 Video Type Plugin Vulnerable versions 2.5.27 Fixed in 2.5.27 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5522 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID a6949d7fc215 Credits Mayank Deshmukh Required privilege...

6.5CVSS6.7AI score0.02618EPSS
Exploits6References4Affected Software1
Rows per page
Query Builder