Html5 Video Player With Playlist Plugin Security Vulnerabilities and Issues — Html5 Video Player With Playlist Plugin CVE List

Lucene search

Html5 Video Player With Playlist Plugin ProjectHtml5 Video Player With Playlist Plugin

3 matches found

CVE•added 2024/06/20 6:15 a.m.•74 views

CVE-2024-5522

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks

6.5CVSS7AI score0.73387EPSS

CVE•added 2024/01/01 3:15 p.m.•42 views

CVE-2023-6485

The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against high...

5.4CVSS5.2AI score0.02446EPSS

CVE•added 2014/07/02 8:55 p.m.•34 views

CVE-2014-4534

Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) theme or (2) playlistmod parameter.

4.3CVSS6AI score0.00174EPSS