WordPress Plugin Vulnerabilities

Plugin HD Webplayer <= 1.1 - SQL Injections

Description

The last time it was checked the plugin was still affected and had been closed.

Proof of Concept

Affects Plugins

Plugin icon
hd-webplayer
No known fix

References

Exploitdb
20918

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Original Researcher
JOINSE7EN
Submitter
Chris Moore
Verified
No
WPVDB ID
9da34f0a-0f08-4667-9f1e-6f3227d9d07f

Timeline

Publicly Published
2012-08-28 (about 13 years ago)
Added
2019-09-10 (about 6 years ago)
Last Updated
2020-03-13 (about 6 years ago)

Other

Published
Title
Published
2024-08-26
Title
SendGrid for WordPress <= 1.4 - Unauthenticated SQL Injection
Published
2024-07-19
Title
UiPress lite < 3.4.07 - Authenticated (Administrator+) SQL Injection
Published
2022-06-09
Title
Social Share Buttons < 2.2.4 - Subscriber+ SQLi
Published
2025-07-08
Title
Premium SEO Pack <= 3.3.2 - Authenticated (Subscriber+) SQL Injection
Published
2025-10-23
Title
MasterStudy LMS < 3.6.28 - Authenticated (Instructor+) SQL Injection