Lucene search
+L

5 matches found

patchstack
patchstack
added 2024/01/31 12:0 a.m.12 views

WordPress Flash & HTML5 Video Plugin < 2.5.25 is vulnerable to SQL Injection

Software Flash & HTML5 Video Type Plugin Vulnerable versions 2.5.25 Fixed in 2.5.25 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1061 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 417a838d6795 Credits Joshua Martinelle Required privilege...

9.8CVSS6.8AI score0.11215EPSS
Exploits1References3Affected Software1
circl
circl
added 2024/01/30 10:31 a.m.24 views

CVE-2024-1061

creationtimestamp| type| source ---|---|--- 2024-01-30 10:31:49+00:00| seen| https://t.me/ctinow/175820 2024-02-05 21:16:38+00:00| seen| https://t.me/ctinow/179497 2024-02-22 01:21:21+00:00| seen| https://t.me/ctinow/190285 2024-10-19 16:41:40+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.11215EPSS
In wildExploits1References10
nvd
nvd
added 2024/01/30 9:15 a.m.28 views

CVE-2024-1061

The 'HTML5 Video Player' WordPress Plugin, version 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'getview' function...

9.8CVSS9.7AI score0.11215EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/01/30 8:26 a.m.7 views

CVE-2024-1061

The 'HTML5 Video Player' WordPress Plugin, version 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'getview' function...

8.6CVSS7.9AI score0.11215EPSS
Exploits1References1
cve
cve
added 2024/01/30 8:26 a.m.105 views

CVE-2024-1061

CVE-2024-1061 describes an unauthenticated SQL injection in the WordPress plugin “HTML5 Video Player” through the id parameter in the get_view function. Affected software: WordPress HTML5 Video Player plugin versions less than 2.5.25. Root cause: unauthenticated SQL injection in the id parameter....

9.8CVSS9.8AI score0.11215EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder