Lucene search

PatchstackCVELIST:CVE-2024-32078

HistoryApr 24, 2024 - 3:40 p.m.

CVE-2024-32078 WordPress FV Player plugin <= 7.5.44.7212 - Unvalidated Redirects and Forwards vulnerability

2024-04-2415:40:22

CWE-601

Patchstack

www.cve.org

wordpress

fv player

unvalidated redirects

4.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.1%

JSON

URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "fv-wordpress-flowplayer",
    "product": "FV Flowplayer Video Player",
    "vendor": "Foliovision",
    "versions": [
      {
        "changes": [
          {
            "at": "7.5.45.7212",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.5.44.7212",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-player-plugin-7-5-44-7212-unvalidated-redirects-and-forwards-vulnerability?_s_id=cve

4.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.1%

JSON

Related for CVELIST:CVE-2024-32078