CVE-2024-1061 | HTML5 Video Player Plugin up to 2.5.24 on WordPress get_view id sql injection

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability classified as critical has been found in HTML5 Video Player Plugin up to 2.5.24 on WordPress. Affected is the function get_view. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-1061. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1061 | HTML5 Video Player Plugin up to 2.5.24 on WordPress get_view id sql injection

Related Posts

CVE-2023-45775 | Google Android 14 broadcaster.cc CreateAudioBroadcast out-of-bounds write

CVE-2023-48836 | PHP Jabbers Car Rental Script 3.0 cross site scripting

CVE-2023-45929 | S-Lang 2.3.2 fixup_tgetstr memory corruption

CVE-2024-25307 | code-projects Cinema Seat Reservation System 1.0 booking.php id sql injection