CVE-2024-5522

MEDIUM NUCLEI

HTML5 Video Player < 2.5.27 - Unauthenticated SQL Injection via REST Route Parameter

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-5522. PoCs published by geniuszly, kryptonproject. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a Python-based scanner for CVE-2024-5522, a vulnerability in WordPress sites. It checks for the presence of a specific payload response to determine vulnerability status.

Description

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks.

Exploits (3)

nomisec SCANNER 10 stars
by geniuszly · poc
https://github.com/geniuszly/CVE-2024-5522

This repository contains a Python-based scanner for CVE-2024-5522, a vulnerability in WordPress sites. It checks for the presence of a specific payload response to determine vulnerability status.

Classification: Scanner 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress (specific version not specified)
No auth needed
Prerequisites: List of target URLs · Payload file (payload.txt)
devstral-2 · analyzed Feb 16, 2026

nomisec SCANNER
by kryptonproject · poc
https://github.com/kryptonproject/CVE-2024-5522-PoC

This repository contains a scanner for CVE-2024-5522, an unauthenticated SQL injection vulnerability in the HTML5 Video Player WordPress plugin. The script checks for vulnerability by sending crafted requests to target URLs and verifying the presence of a specific string in the response.

Classification: Scanner 90%
Attack Type: Sqli
Complexity: Trivial
Reliability: Reliable
Target: HTML5 Video Player WordPress plugin < 2.5.27
No auth needed
Prerequisites: List of target URLs · Python 3.x · requests library · colorama library
devstral-2 · analyzed Feb 16, 2026

inthewild SCANNER
poc
https://github.com/geniuszlyy/cve-2024-5522

This repository contains a Python-based scanner for detecting CVE-2024-5522 in WordPress sites. It checks for vulnerability by sending a crafted payload to a specific endpoint and analyzing the response for a marker.

Classification: Scanner 90%
Attack Type: Sqli
Complexity: Trivial
Reliability: Reliable
Target: WordPress with vulnerable plugin (likely related to H5VP)
No auth needed
Prerequisites: List of target URLs · Payload file (payload.txt)
devstral-2 · analyzed Feb 23, 2026

Nuclei Templates (1)

WordPress HTML5 Video Player < 2.5.27 - SQL Injection
CRITICAL · VERIFIED · by JohnDoeAnonITA

References (1)

Core References
Exploit, Third Party Advisory exploit vdb-entry technical-description
https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/

Scores

CVSS v3 6.5
EPSS 0.8384
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE CWE-89
Status published
Products (1)
bplugins/html5_video_player < 2.5.27
Published Jun 20, 2024
Tracked Since Feb 18, 2026