Lucene search
K

297 matches found

Prion
Prion
added 2023/08/18 3:15 p.m.13 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.32.7212 versions...

5.8CVSS6AI score0.00396EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/18 2:41 p.m.22 views

CVE-2023-30499 WordPress FV Flowplayer Video Player Plugin <= 7.5.32.7212 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.32.7212 versions...

7.1CVSS6.3AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/18 2:41 p.m.13 views

CVE-2023-30499 WordPress FV Flowplayer Video Player Plugin <= 7.5.32.7212 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.32.7212 versions...

7.1CVSS5.9AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2023/08/18 2:41 p.m.37 views

CVE-2023-30499

CVE-2023-30499 refers to an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions

7.1CVSS6AI score0.00396EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/18 12:0 a.m.4 views

PT-2023-22735 · Foliovision · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FolioVision FV Flowplayer Video Player plugin versions prior to 7.5.32.7212 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a...

7.1CVSS6.3AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/18 12:0 a.m.5 views

WordPress plugin FV Flowplayer Video Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00396EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/03 12:0 a.m.9 views

WordPress FV Flowplayer Video Player Plugin <= 7.5.32.7212 is vulnerable to Cross Site Scripting (XSS)

Software FV Flowplayer Video Player Type Plugin Vulnerable versions = 7.5.32.7212 Fixed in 7.5.35.7212 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30499 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 08f2f9dc3464...

7.1CVSS5.6AI score0.00396EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.1 views

SUSE CVE-2015-5337

Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted .swf file...

6.1CVSS6AI score0.01077EPSS
Exploits0References3
OSV
OSV
added 2023/02/14 6:15 a.m.2 views

CVE-2023-25066

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

8.8CVSS7.3AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2023/02/14 6:15 a.m.19 views

CVE-2023-25066

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
Prion
Prion
added 2023/02/14 6:15 a.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

6.8CVSS8.7AI score0.00271EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/14 5:32 a.m.10 views

CVE-2023-25066 WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

4.3CVSS8.8AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2023/02/14 5:32 a.m.46 views

CVE-2023-25066

CVE-2023-25066 is a Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions

8.8CVSS6.5AI score0.00271EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/14 5:32 a.m.25 views

CVE-2023-25066 WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

4.3CVSS9AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.5 views

WordPress Plugin FolioVision FV Flowplayer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8AI score0.00271EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.6 views

PT-2023-19911 · Foliovision · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FolioVision FV Flowplayer Video Player plugin versions = 7.5.30.7212 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...

8.8CVSS8.4AI score0.00271EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/02/02 12:0 a.m.10 views

WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF)

Software FV Flowplayer Video Player Type Plugin Vulnerable versions = 7.5.30.7212 Fixed in 7.5.31.7212 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25066 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6e1e63620b79...

8.8CVSS7AI score0.00271EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/12/19 2:15 p.m.2 views

CVE-2022-3984

The Flowplayer Video Player WordPress plugin before 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00471EPSS
Exploits2References1
NVD
NVD
added 2022/12/19 2:15 p.m.15 views

CVE-2022-3984

The Flowplayer Video Player WordPress plugin before 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS0.00471EPSS
Exploits2References1
Prion
Prion
added 2022/12/19 2:15 p.m.21 views

Cross site scripting

The Flowplayer Video Player WordPress plugin before 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

4.9CVSS5.4AI score0.00471EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder