VYPR

Ultimate Video Player

by WordPress

CVEs (3)

  • CVE-2024-10804HigMar 7, 2025
    risk 0.49cvss 7.5epss 0.01

    The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of…

  • CVE-2025-49430HigSep 9, 2025
    risk 0.47cvss 7.2epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player fwduvp allows Server Side Request Forgery.This issue affects Ultimate Video Player: from n/a through <= 10.1.

  • CVE-2025-49432MedAug 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in FWDesign Ultimate Video Player fwduvp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Video Player: from n/a through <= 10.1.