Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/09/11 4:31 a.m.13 views

CVE-2024-7727 HTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler

The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vpajaxhandler' ajax action in all versions up to, and including, 2.5.32. This makes it possible fo...

5.3CVSS6.8AI score0.00392EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/11 4:31 a.m.19 views

CVE-2024-7727 HTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler

The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vpajaxhandler' ajax action in all versions up to, and including, 2.5.32. This makes it possible fo...

5.3CVSS0.00392EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/09/11 12:0 a.m.9 views

WordPress Flash & HTML5 Video Plugin <= 2.5.32 is vulnerable to Broken Access Control

Software Flash & HTML5 Video Type Plugin Vulnerable versions = 2.5.32 Fixed in 2.5.33 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7727 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b5ae27e206ad Credits Lucio Sá Required...

5.3CVSS6.6AI score0.00392EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder