Bplugins Html5 Video Player — known CVE vulnerabilities
Every CVE whose affected-product data names Bplugins Html5 Video Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-1061 — CVSS 8.6 (high): The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id'…
CVE-2024-5522 — CVSS 6.5 (medium): The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL…
CVE-2023-6485 — CVSS 5.4 (medium): The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing…
CVE-2024-7727 — CVSS 5.3 (medium): The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a…
CVE-2024-43296 — CVSS 4.3 (medium): Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security…
CVE-2024-7721 — CVSS 4.3 (medium): The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to…