CVE-2019-25689

HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...

CVE-2025-27005

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...

WordPress HTML5 Video Player plugin <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler vulnerability

Missing Authorization in multiple functions via h5vpajaxhandler vulnerability discovered by Lucio Sá in WordPress Plugin Flash & HTML5 Video versions = 2.5.32...

WordPress HTML5 Video Player plugin <= 2.5.34 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Options Update vulnerability discovered by Lucio Sá in WordPress Plugin Flash & HTML5 Video versions = 2.5.34...

PT-2024-16405 · Unknown · Html5 Video Player

Name of the Vulnerable Software and Affected Versions: HTML5 Video Player version 2.5.25 Description: The issue is an unauthenticated SQL injection vulnerability. It affects the id parameter in the get view function. Recommendations: For version 2.5.25, update to version 2.5.25 or later to resolv...