Lucene search
K

34 matches found

ATTACKERKB
ATTACKERKB
added 2022/04/04 5:25 a.m.8 views

CVE-2022-25613

Authenticated Persistent Cross-Site Scripting XSS vulnerability in FV Flowplayer Video Player WordPress plugin versions = 7.5.18.727 via wpflowplayerfieldsplash parameter...

5.4CVSS5.6AI score0.00549EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/18 6:15 p.m.1 views

CVE-2022-25607

Authenticated author or higher user role SQL Injection SQLi vulnerability discovered in FV Flowplayer Video Player WordPress plugin versions = 7.5.15.727...

7.2CVSS7.2AI score0.00795EPSS
Exploits0References2
OSV
OSV
added 2021/10/06 4:15 p.m.3 views

CVE-2021-39350

The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the playerid parameter found in the /view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727...

6.1CVSS6.4AI score0.02135EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/10/06 12:0 a.m.3 views

PT-2021-22556 · WordPress · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FV Flowplayer Video Player WordPress plugin versions 7.5.0.727 through 7.5.2.727 Description: The issue allows attackers to inject arbitrary web scripts via the player id parameter found in the /view/stats.php file, enabling Reflected...

8.2CVSS6.3AI score0.02135EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.8 views

WordPress FV Flowplayer Video Player 跨站脚本漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. relevant is a relevant content display plugin used in it. A cross-site...

5.4CVSS6.1AI score0.0092EPSS
Exploits1References3
OSV
OSV
added 2019/08/15 3:15 p.m.4 views

CVE-2019-14800

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI...

5.3CVSS6.1AI score0.01516EPSS
Exploits1References2
CNVD
CNVD
added 2019/08/13 12:0 a.m.3 views

WordPress FV Flowplayer Video Player plugin cross-site scripting vulnerability (CNVD-2019-27687)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.02022EPSS
Exploits2References1
OSV
OSV
added 2019/08/09 2:15 p.m.5 views

CVE-2019-14801

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection...

9.8CVSS7.3AI score0.01815EPSS
Exploits0References1
OSV
OSV
added 2019/08/09 1:15 p.m.3 views

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

6.1CVSS6.4AI score0.02022EPSS
Exploits2References3
Cvelist
Cvelist
added 2019/08/09 12:18 p.m.14 views

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

6.3AI score0.02022EPSS
Exploits2References3
CNVD
CNVD
added 2019/07/16 12:0 a.m.2 views

WordPress FV Flowplayer Video Player SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...

10CVSS8AI score0.04371EPSS
Exploits0References1
NVD
NVD
added 2011/11/29 11:55 a.m.15 views

CVE-2011-4568

Cross-site scripting XSS vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI...

4.3CVSS5.8AI score0.01937EPSS
Exploits0References4
Prion
Prion
added 2011/11/29 11:55 a.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI...

4.3CVSS6.2AI score0.01937EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2011/11/29 11:0 a.m.40 views

CVE-2011-4568

CVE-2011-4568 affects the Flowplayer WP plugin: XSS via view/frontend-head.php in versions before 1.2.12, allowing remote attackers to inject arbitrary script/HTML through the URI. Impact is remote code execution in the context of the user’s browser (depending on login) with partial integrity imp...

4.3CVSS6AI score0.01937EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder