184 matches found
CVE-2023-30499
CVE-2023-30499 refers to an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions
WordPress Video gallery and Player Plugin <= 2.6.5 is vulnerable to Broken Access Control
Software Video gallery and Player Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 27dbac5e56cd Credits Abdi Pranata Require...
CVE-2023-33931
Cross-Site Request Forgery CSRF vulnerability in Ciprian Popescu YouTube Playlist Player plugin = 4.6.4 versions...
PT-2023-24577 · Unknown · Ciprian Popescu Youtube Playlist Player
Name of the Vulnerable Software and Affected Versions: Ciprian Popescu YouTube Playlist Player plugin versions prior to 4.6.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended...
CVE-2012-10011
CVE-2012-10011 describes a SQL injection in HD FLV PLayer Plugin for WordPress (versions up to 1.7) via the hd_add_media/hd_update_media functions in functions.php. The vulnerability can be triggered remotely by manipulating the name argument, potentially enabling data exposure or modification. A...
CVE-2023-25464
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2023-25464 WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...
CVE-2023-25464
CVE-2023-25464 affects the WordPress Twitch Player plugin (StreamWeasels)
SUSE CVE-2006-5330
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks vi...
CVE-2023-25066
Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...
CVE-2023-25066
CVE-2023-25066 is a Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions
PT-2023-19911 · Foliovision · Fv Flowplayer Video Player
Name of the Vulnerable Software and Affected Versions: FolioVision FV Flowplayer Video Player plugin versions = 7.5.30.7212 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...
CVE-2022-29411
SQL Injection SQLi vulnerability in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress allows attackers to execute SQLi attack via &id...
PT-2022-19587 · Mufeng · Mufeng'S Hermit 音乐播放器 Plugin
Name of the Vulnerable Software and Affected Versions: Mufeng's Hermit 音乐播放器 plugin versions = 3.1.6 Description: The issue is related to Cross-Site Request Forgery CSRF that leads to Stored Cross-Site Scripting XSS via the title parameter. This allows for malicious script storage and execution...
CVE-2022-25613
Authenticated Persistent Cross-Site Scripting XSS vulnerability in FV Flowplayer Video Player WordPress plugin versions = 7.5.18.727 via &fvwpflowplayerfieldsplash parameter...
Mageia: Security Advisory (MGASA-2015-0218)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0120)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0273)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0410)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0406)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...