WordPress HTML5 Video Player plugin version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the ‘id’ parameter in the ‘get_view’ function.
View the template here CVE-2024-1061.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-1061