PT-2026-47635

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2019-13844 · Fv Flowplayer · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FV Flowplayer Video Player plugin versions prior to 7.3.14.727 Description: The issue allows email subscription XSS. Recommendations: For versions prior to 7.3.14.727, update to version 7.3.14.727 or later to resolve the issue...