Lucene search
+L

184 matches found

CVE
CVE
added 2023/08/18 2:41 p.m.38 views

CVE-2023-30499

CVE-2023-30499 refers to an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions

7.1CVSS6AI score0.00396EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/08/16 12:0 a.m.8 views

WordPress Video gallery and Player Plugin <= 2.6.5 is vulnerable to Broken Access Control

Software Video gallery and Player Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 27dbac5e56cd Credits Abdi Pranata Require...

5.8AI score0.00188EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/05/28 6:15 p.m.7 views

CVE-2023-33931

Cross-Site Request Forgery CSRF vulnerability in Ciprian Popescu YouTube Playlist Player plugin = 4.6.4 versions...

8.8CVSS7.3AI score0.00256EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.13 views

PT-2023-24577 · Unknown · Ciprian Popescu Youtube Playlist Player

Name of the Vulnerable Software and Affected Versions: Ciprian Popescu YouTube Playlist Player plugin versions prior to 4.6.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended...

8.8CVSS8.9AI score0.00256EPSS
Exploits0References3
CVE
CVE
added 2023/04/09 10:0 p.m.39 views

CVE-2012-10011

CVE-2012-10011 describes a SQL injection in HD FLV PLayer Plugin for WordPress (versions up to 1.7) via the hd_add_media/hd_update_media functions in functions.php. The vulnerability can be triggered remotely by manipulating the name argument, potentially enabling data exposure or modification. A...

9.8CVSS8.3AI score0.00707EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/04/07 1:15 p.m.3 views

CVE-2023-25464

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

4.8CVSS6.6AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/07 12:3 p.m.11 views

CVE-2023-25464 WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/04/07 12:3 p.m.59 views

CVE-2023-25464

CVE-2023-25464 affects the WordPress Twitch Player plugin (StreamWeasels)

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.5 views

SUSE CVE-2006-5330

CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks vi...

5CVSS7.4AI score0.23148EPSS
Exploits0References4
NVD
NVD
added 2023/02/14 6:15 a.m.20 views

CVE-2023-25066

Cross-Site Request Forgery CSRF vulnerability in FolioVision FV Flowplayer Video Player plugin = 7.5.30.7212 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2023/02/14 5:32 a.m.47 views

CVE-2023-25066

CVE-2023-25066 is a Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin for WordPress, affected versions

8.8CVSS6.5AI score0.00271EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.11 views

PT-2023-19911 · Foliovision · Fv Flowplayer Video Player

Name of the Vulnerable Software and Affected Versions: FolioVision FV Flowplayer Video Player plugin versions = 7.5.30.7212 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...

8.8CVSS8.4AI score0.00271EPSS
Exploits0References3
OSV
OSV
added 2022/04/28 5:15 p.m.6 views

CVE-2022-29411

SQL Injection SQLi vulnerability in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress allows attackers to execute SQLi attack via &id...

9.8CVSS7.4AI score0.01032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/04/28 12:0 a.m.9 views

PT-2022-19587 · Mufeng · Mufeng'S Hermit 音乐播放器 Plugin

Name of the Vulnerable Software and Affected Versions: Mufeng's Hermit 音乐播放器 plugin versions = 3.1.6 Description: The issue is related to Cross-Site Request Forgery CSRF that leads to Stored Cross-Site Scripting XSS via the title parameter. This allows for malicious script storage and execution...

6.1CVSS6AI score0.00373EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 8:15 p.m.7 views

CVE-2022-25613

Authenticated Persistent Cross-Site Scripting XSS vulnerability in FV Flowplayer Video Player WordPress plugin versions = 7.5.18.727 via &fvwpflowplayerfieldsplash parameter...

5.4CVSS5.8AI score0.00549EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2015-0218)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.87303EPSS
Exploits10References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2018-0120)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.3AI score0.89532EPSS
Exploits19References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2019-0273)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.7AI score0.06054EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2017-0410)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06518EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2017-0406)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Rows per page
Query Builder