5 matches found
WordPress Flash & HTML5 Video Plugin < 2.5.25 is vulnerable to SQL Injection
Software Flash & HTML5 Video Type Plugin Vulnerable versions 2.5.25 Fixed in 2.5.25 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1061 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 417a838d6795 Credits Joshua Martinelle Required privilege...
CVE-2024-1061
creationtimestamp| type| source ---|---|--- 2024-01-30 10:31:49+00:00| seen| https://t.me/ctinow/175820 2024-02-05 21:16:38+00:00| seen| https://t.me/ctinow/179497 2024-02-22 01:21:21+00:00| seen| https://t.me/ctinow/190285 2024-10-19 16:41:40+00:00| published-proof-of-concept|...
CVE-2024-1061
The 'HTML5 Video Player' WordPress Plugin, version 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'getview' function...
CVE-2024-1061
The 'HTML5 Video Player' WordPress Plugin, version 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'getview' function...
CVE-2024-1061
CVE-2024-1061 describes an unauthenticated SQL injection in the WordPress plugin “HTML5 Video Player” through the id parameter in the get_view function. Affected software: WordPress HTML5 Video Player plugin versions less than 2.5.25. Root cause: unauthenticated SQL injection in the id parameter....