CVE-2024-1061 | HTML5 Video Player Plugin up to 2.5.24 on WordPress get_view id sql injection

Inserito da Angelo Barbosa | Gen 30, 2024 | CVE

A vulnerability classified as critical has been found in HTML5 Video Player Plugin up to 2.5.24 on WordPress. Affected is the function get_view. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-1061. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1061 | HTML5 Video Player Plugin up to 2.5.24 on WordPress get_view id sql injection

Post correlati

CVE-2024-0565 | Linux Kernel up to 6.7-rc5 SMB Client fs/smb/client/smb2ops.c receive_encrypted_standard integer underflow

CVE-2023-33219 | IDEMIA SIGMA Lite & Lite + Retrofit Validation Command stack-based overflow

CVE-2024-43330 | IdeaBox Creations PowerPack for Beaver Builder Plugin up to 2.37.3 on WordPress cross site scripting

CVE-2023-40112 | Google Android 11 ipp.c ippSetValueTag information disclosure