ID | CVE-2024-5522 | ||||||
Summary | The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks | ||||||
References | |||||||
Vulnerable Configurations |
|
||||||
CVSS |
|
||||||
Access |
|
||||||
Impact |
|
||||||
Last major update | 03-07-2024 - 02:09 | ||||||
Published | 20-06-2024 - 06:15 | ||||||
Last modified | 03-07-2024 - 02:09 |