Fv Flowplayer Video Player@* Security Vulnerabilities and Issues — Fv Flowplayer Video Player@* CVE List

Lucene search

FoliovisionFv Flowplayer Video Player*

6 matches found

CVE•added 2019/07/17 4:15 p.m.•77 views

CVE-2019-13573

A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

10CVSS9.8AI score0.04723EPSS

CVE•added 2021/01/15 5:15 p.m.•66 views

CVE-2020-35748

Cross-site scripting (XSS) vulnerability in models/list-table.php in the FV Flowplayer Video Player plugin before 7.4.37.727 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the fv_wp_fvvideoplayer_src JSON field in the data parameter.

5.4CVSS5.1AI score0.00122EPSS

Web

CVE•added 2019/08/09 2:15 p.m.•47 views

CVE-2019-14801

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection.

9.8CVSS9.9AI score0.00513EPSS

CVE•added 2024/07/19 8:15 a.m.•43 views

CVE-2024-6338

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ...

8.8CVSS8.7AI score0.0048EPSS

CVE•added 2019/08/15 3:15 p.m.•41 views

CVE-2019-14800

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI.

5.3CVSS5.2AI score0.00249EPSS

Web

CVE•added 2019/08/09 1:15 p.m.•36 views

CVE-2019-14799

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS.

6.1CVSS6.3AI score0.02994EPSS

Web