WordPress Plugin Vulnerabilities

Spider Video Player <= 2.1 - SQL Injection

Description

The SpiderVPlayer WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
player
No known fix

References

CVE
CVE-2013-3532
URL
https://packetstormsecurity.com/files/#121250/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/83374

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
29014133-f424-48fa-998c-c33d05d8560e

Timeline

Publicly Published
2013-04-11 (about 12 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-04-22
Title
Frontend Dashboard < 2.2.6 - Unauthenticated SQL Injection
Published
2025-09-22
Title
Perfect Brands for WooCommerce < 3.6.3 - Authenticated (Contributor+) SQL Injection
Published
2026-03-20
Title
CMS Commander <= 2.288 - Custom+ SQL Injection via 'or_blogname' Parameter
Published
2025-03-31
Title
RSVPMarker < 11.6.8 - Unauthenticated SQL Injection
Published
2024-08-01
Title
Salon booking system < 10.8 - Authenticated (Administrator+) SQL Injection