34 matches found
CVE-2022-25613
Authenticated Persistent Cross-Site Scripting XSS vulnerability in FV Flowplayer Video Player WordPress plugin versions = 7.5.18.727 via wpflowplayerfieldsplash parameter...
CVE-2022-25607
Authenticated author or higher user role SQL Injection SQLi vulnerability discovered in FV Flowplayer Video Player WordPress plugin versions = 7.5.15.727...
CVE-2021-39350
The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the playerid parameter found in the /view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727...
PT-2021-22556 · WordPress · Fv Flowplayer Video Player
Name of the Vulnerable Software and Affected Versions: FV Flowplayer Video Player WordPress plugin versions 7.5.0.727 through 7.5.2.727 Description: The issue allows attackers to inject arbitrary web scripts via the player id parameter found in the /view/stats.php file, enabling Reflected...
WordPress FV Flowplayer Video Player 跨站脚本漏洞
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. relevant is a relevant content display plugin used in it. A cross-site...
CVE-2019-14800
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI...
WordPress FV Flowplayer Video Player plugin cross-site scripting vulnerability (CNVD-2019-27687)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
CVE-2019-14801
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection...
CVE-2019-14799
The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...
CVE-2019-14799
The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...
WordPress FV Flowplayer Video Player SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...
CVE-2011-4568
Cross-site scripting XSS vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI...
Cross site scripting
Cross-site scripting XSS vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI...
CVE-2011-4568
CVE-2011-4568 affects the Flowplayer WP plugin: XSS via view/frontend-head.php in versions before 1.2.12, allowing remote attackers to inject arbitrary script/HTML through the URI. Impact is remote code execution in the context of the user’s browser (depending on login) with partial integrity imp...