SQL Injection Vulnerability in LambertGroup Video Player and FullScreen Video Background
CVE-2025-47567

7.6HIGH

Key Information:

Vendor: WordPress
Status: Video Player & Fullscreen Video Background
Vendor: CVE Published:; 16 May 2025

What is CVE-2025-47567?

A vulnerability exists in the LambertGroup Video Player & FullScreen Video Background, allowing attackers to perform Blind SQL Injection. This security lapse affects all versions from n/a to 2.4.1, enabling unauthorized access to sensitive data through compromised SQL commands. Users are urged to apply necessary security patches and updates to mitigate potential risks.

Affected Version(s)

Video Player & FullScreen Video Background <= 2.4.1

References

https://patchstack.com/database/wordpress/plugin/universa...

vdb-entry

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2025
Vulnerability Reserved
May 7, 2025

Credit

NAWardRox (Patchstack Alliance)

JSON

WordPress

What is CVE-2025-47567?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit