Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-5522 PoC — HTML5 Video Player < 2.5.27 - Unauthenticated SQLi

Source
https://github.com/nak000/CVE-2024-5522-Poc
Associated Vulnerability
Title:HTML5 Video Player < 2.5.27 - Unauthenticated SQLi (CVE-2024-5522)
Description:The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
Description
CVE-2024-5522 HTML5 Video Player <= 2.5.26 - Unauthenticated SQL Injection
Readme
# CVE-2024-5522-Poc
CVE-2024-5522 HTML5 Video Player &lt;= 2.5.26 - Unauthenticated SQL Injection

Setup env:
1. Install HTML5 Video Player version 2.5.24 because version have html5-video-player.2.5.24\inc\Database\Videos.php create table h5vp_videos and version >=2.5.25  database folder not found
![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/cb40facd-c24e-4bd0-bb3f-a0e321e3f963)

2. Active HTML5 Video Player version 2.5.24 after check database

![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/7f6e9eaf-2dc6-407b-8407-7bce8cc40a61)

3. If you test HTML5 Video Player version 2.5.26 . Use command remove folder plugin HTML5 Video Player version 2.5.24 after remove plugin check ensure table wp_h5vp_videos exists on database (note: not uninstall plugin on dashboards website)

![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/1fb594ce-a4b9-4654-bb20-1fdc922f5a4f)

4. Install HTML5 Video Player version 2.5.26 and active

Analysis

File: wp-content/plugins/html5-video-player/inc/Rest/VideoController.php

![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/97e1dd11-794d-4ef7-aedf-8f0ca1324988)

Method: another_check default return true => 

![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/c82c8628-9979-4c70-b84b-baa28de8dfa4)

Method: get_item

![image](https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/f86d0b4f-a0c2-41ef-a6ef-473038bbbdd5)

Poc:

https://github.com/truonghuuphuc/CVE-2024-5522-Poc/assets/20487674/23725a4d-9184-4f29-9654-580302ff5030
File Snapshot

 [4.0K]  /data/pocs/d3173657f77b6d718888432110dc9a462fc43f0e
├── [ 468]  CVE-2024-5522.py
├── [2.1M]  html5-video-player.2.5.24.rar
├── [2.1M]  html5-video-player.2.5.26.zip
└── [1.6K]  README.md

1 directory, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →