Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection - CVE-2024-5522 - Vulnerability Database
WP Plugin Html5 Video Player

WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection - CVE-2024-5522

Critical
Reference: CVE-2024-5522
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-5522
Title: WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection
Overview:

WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application access or modify data or exploit latent vulnerabilities in the underlying database. WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block version 2.5.26 is vulnerable prior versions may also be affected.