VYPR

Fv Wordpress Flowplayer Plugin

by Foliovision

CVEs (3)

  • CVE-2022-25607MedMar 18, 2022
    risk 0.43cvss 6.6epss 0.01

    Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727).

  • CVE-2022-25613MedApr 4, 2022
    risk 0.27cvss 4.1epss 0.01

    Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in FV Flowplayer Video Player (WordPress plugin) versions <= 7.5.18.727 via &fv_wp_flowplayer_field_splash parameter.

  • CVE-2011-4568Nov 29, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.