Bplugins Html5_video_player
6 CVEs affecting Bplugins Html5_video_player. Latest disclosed: 2024-11-01. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1061 | High | 8.6 | 2024-01-30 | The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_vi… |
CVE-2024-5522 | Medium | 6.5 | 2024-06-20 | The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing… |
CVE-2023-6485 | Medium | 5.4 | 2024-01-01 | The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks a… |
CVE-2024-7727 | Medium | 5.3 | 2024-09-11 | The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check… |
CVE-2024-43296 | Medium | 4.3 | 2024-11-01 | Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… |
CVE-2024-7721 | Medium | 4.3 | 2024-09-11 | The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability… |