6 matches found
WordPress H5P plugin missing authorization vulnerability
WordPress H5P plugin is an open source plugin that allows users to create, manage and embed interactive multimedia content in WordPress websites. A lack of authorization vulnerability exists in WordPress H5P plugin, which can be exploited by an attacker to cause the exploitation of misconfigured...
CVE-2025-68505 WordPress H5P plugin <= 1.16.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through = 1.16.1...
CVE-2025-68505 WordPress H5P plugin <= 1.16.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through = 1.16.1...
CVE-2025-68505
Summary: CVE-2025-68505 describes a missing/incorrect authorization vulnerability in the WordPress H5P plugin, allowing exploitation of misconfigured access control security levels in versions up to and including 1.16.1. Affected product/component: H5P plugin for WordPress (versions
CVE-2025-62951 WordPress H5P plugin <= 1.16.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icc0rz H5P h5p allows Stored XSS.This issue affects H5P: from n/a through = 1.16.0...
WordPress H5P plugin <= 1.16.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin H5P versions = 1.16.0...