CVE-2019-14801

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection...

Sql injection

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection...

CVE-2019-14801

The CVE concerns the FV Flowplayer Video Player WordPress plugin prior to version 7.3.15.727, where an email subscription feature is vulnerable to SQL injection. Affected component: FV Flowplayer Video Player plugin for WordPress; root cause: lack of input validation in SQL statements used during...

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

Cross site scripting

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

CVE-2019-14799

The FV Flowplayer Video Player plugin for WordPress (versions prior to 7.3.14.727) exposes an XSS vulnerability via the unauthenticated AJAX endpoint wp-admin/admin-ajax.php, fv_wp_flowplayer_email_signup. An attacker can submit crafted data to the email parameter (e.g., via list=1 and email fiel...

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS...

PT-2019-13844 · Fv Flowplayer · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FV Flowplayer Video Player plugin versions prior to 7.3.14.727 Description: The issue allows email subscription XSS. Recommendations: For versions prior to 7.3.14.727, update to version 7.3.14.727 or later to resolve the issue...

WordPress FV Flowplayer Video Player Plugin < 7.3.19.727 SQLi Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112608";...

CVE-2019-13573

A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2019-13573

A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

Sql injection

A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2019-13573

CVE-2019-13573 affects the FolioVision FV Flowplayer Video Player WordPress plugin, prior to version 7.3.19.727. The vulnerability is a SQL injection caused by lack of proper sanitization of user input, enabling a remote attacker to execute arbitrary SQL commands on the affected system. Some conn...

CVE-2019-13573

A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

PT-2019-13433 · Foliovision · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FolioVision FV Flowplayer Video Player plugin versions prior to 7.3.19.727 Description: A SQL injection issue exists, allowing a remote attacker to execute arbitrary SQL commands on the affected system. Recommendations: For versions prior to...

WordPress FV Flowplayer Video Player SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...

WordPress FV Flowplayer Video Player plugin <= 7.3.18.727 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Tin Duong in WordPress FV Flowplayer Video Player plugin versions = 7.3.18.727. Solution Update the WordPress FV Flowplayer Video Player plugin to the latest available version at least 7.3.19.727...

FV Flowplayer Video Player <= 7.3.18.727 - SQL Injection

Lack of sanitisation in the order and orderby variable in the getListPageData function could allow SQL Injection attacks...

WordPress FV Flowplayer Video Player plugin <= 7.3.14.727 - CSV Export vulnerability

CSV Export vulnerability found in WordPress FV Flowplayer Video Player plugin versions = 7.3.14.727. Solution Update the WordPress FV Flowplayer Video Player plugin to the latest available version at least 7.3.15.727...