CVE-2024-7721

The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_password' function in all versions up to, and including, 2.5.34. This makes it possible for authenticated attackers, with Subscriber-level access and above, to set any options that are not explicitly checked as false to an array, including enabling user registration if it has been disabled.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L79	Issue Tracking
https://plugins.trac.wordpress.org/changeset/3148088/	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc3f308-d1e1-430b-bccd-168c0972fe7c?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:*

History

18 Sep 2024, 18:01

Type	Values Removed	Values Added
First Time		Bplugins Bplugins html5 Video Player
References	~~() https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L79 -~~	() https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L79 - Issue Tracking
References	~~() https://plugins.trac.wordpress.org/changeset/3148088/ -~~	() https://plugins.trac.wordpress.org/changeset/3148088/ - Patch
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc3f308-d1e1-430b-bccd-168c0972fe7c?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc3f308-d1e1-430b-bccd-168c0972fe7c?source=cve - Third Party Advisory
CPE		cpe:2.3:a:bplugins:html5_video_player::::::wordpress::*

11 Sep 2024, 16:26

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-11 05:15

Updated : 2024-09-18 18:01

NVD link : CVE-2024-7721

Mitre link : CVE-2024-7721

CVE.ORG link : CVE-2024-7721

JSON object : View

Products Affected

bplugins

html5_video_player

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-7721", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-09-11T05:15:03.180", "references": [{"url": "https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L79", "tags": ["Issue Tracking"], "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/3148088/", "tags": ["Patch"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc3f308-d1e1-430b-bccd-168c0972fe7c?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The HTML5 Video Player \u2013 mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_password' function in all versions up to, and including, 2.5.34. This makes it possible for authenticated attackers, with Subscriber-level access and above, to set any options that are not explicitly checked as false to an array, including enabling user registration if it has been disabled."}, {"lang": "es", "value": "El complemento HTML5 Video Player \u2013 mp4 Video Player Plugin and Block para WordPress son vulnerables a la modificaci\u00f3n no autorizada de datos debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n 'save_password' en todas las versiones hasta la 2.5.34 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, establezcan cualquier opci\u00f3n que no est\u00e9 marcada expl\u00edcitamente como falsa en una matriz, incluida la habilitaci\u00f3n del registro de usuario si se ha deshabilitado."}], "lastModified": "2024-09-18T18:01:01.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "551DBCE2-9953-489E-B3E6-F4223F0C516F", "versionEndExcluding": "2.5.35"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}