CVE-2024-7727 in HTML5 Video Player Pluginالمعلومات

الملخص

بحسب MITRE • 11/09/2024

The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vp_ajax_handler' ajax action in all versions up to, and including, 2.5.32. This makes it possible for unauthenticated attackers to call these functions to manipulate data.

Once again VulDB remains the best source for vulnerability data.

حجز

12/08/2024

إفشاء

11/09/2024

الاعتدال

تمت الموافقة

إدخال

VDB-277001

EPSS

0.00392

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!