CVE-2024-7727 – HTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler
https://notcve.org/view.php?id=CVE-2024-7727
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vp_ajax_handler' ajax action in all versions up to, and including, 2.5.32. This makes it possible for unauthenticated attackers to call these functions to manipulate data. • https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L5 https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/ImportData.php#L4 https://plugins.trac.wordpress.org/changeset/3139559 https://www.wordfence.com/threat-intel/vulnerabilities/id/908df18e-7178-4d40-becb-86e1a714a7da?source=cve • CWE-862: Missing Authorization •
CVE-2024-1061 – HTML5 Video Player <= 2.5.24 - Unauthenticated SQL Injection via id
https://notcve.org/view.php?id=CVE-2024-1061
The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_view' function. El complemento de WordPress 'HTML5 Video Player', versión <2.5.25, se ve afectado por una vulnerabilidad de inyección SQL no autenticada en el parámetro 'id' de la función 'get_view'. The Html5 Video Player plugin for WordPress is vulnerable to SQL Injection via the 'id’ parameter in all versions up to, and including, 2.5.24 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://www.tenable.com/security/research/tra-2024-02 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-23508 – WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2024-23508
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17. Vulnerabilidad de Neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site Scripting') en PDF Poster – PDF Embedder Plugin para WordPress permite XSS reflejado. Este problema afecta a PDF Poster – PDF Embedder Plugin para WordPress: desde n/a hasta 2.1. 17. The PDF Poster - PDF Embedder Plugin for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.1.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/pdf-poster/wordpress-pdf-poster-plugin-2-1-17-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-6485 – Html5 Video Player < 2.5.19 - Subscriber+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-6485
The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against high privilege users like admins El complemento Html5 Video Player de WordPress anterior a 2.5.19 no sanitiza ni escapa a algunas de las configuraciones de su reproductor, lo que, combinado con la falta de comprobaciones de capacidad en torno al complemento, podría permitir que cualquier usuario autenticado, como suscriptores bajos, realice ataques de Cross-Site Scripting almacenado contra usuarios con altos privilegios como administradores The Html5 Video Player – mp4 player, Video Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.5.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/759b3866-c619-42cc-94a8-0af6d199cc81 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-5860 – Icons Font Loader <= 1.1.2 - Authenticated (Administrator+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-5860
The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. El complemento Icons Font Loader para WordPress es vulnerable a cargas de archivos arbitrarias debido a la falta de validación del tipo de archivo en la función de carga en todas las versiones hasta la 1.1.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecución remota de código. • https://plugins.trac.wordpress.org/changeset/2987296/icons-font-loader https://www.wordfence.com/threat-intel/vulnerabilities/id/12a9fbe8-445a-478a-b6ce-cd669ccb6a2d?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •