Vulnerabilities > Hdwplayer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-15 | CVE-2023-49178 | Cross-site Scripting vulnerability in Hdwplayer HDW Player Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr. | 6.1 |
2014-08-06 | CVE-2014-5180 | SQL Injection vulnerability in Hdwplayer Hdw-Player-Video-Player-Video-Gallery 2.4.2 SQL injection vulnerability in the videos page in the HDW Player Plugin (hdw-player-video-player-video-gallery) 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php. | 6.5 |