CVE-2024-52431

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0...

CVE-2024-52431

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0...

CVE-2024-52431

CVE-2024-52431 affects WordPress Video Robot - The Ultimate Video Importer (Pressaholic) up to version 1.20.0. Root cause: improper neutralization of special elements in SQL queries, enabling SQL Injection. Impact: high confidentiality, integrity, and availability implications per CVSS vectors; i...

CVE-2024-9192

CVE-2024-9192 affects WordPress Video Robot - The Ultimate Video Importer plugin for WordPress (versions up to 1.20.0). The issue stems from insufficient validation of user meta that can be updated in wpvr_rate_request_result(), enabling authenticated attackers with subscriber-level access or hig...

CVE-2024-9192 WP Video Robot <= 1.20.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update

The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvrraterequestresult function in all versions up to, and including, 1.20.0. This makes it possible for...

CVE-2024-9192 WP Video Robot <= 1.20.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update

The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvrraterequestresult function in all versions up to, and including, 1.20.0. This makes it possible for...