VYPR

Zd Youtube Flv Player

by WordPress

CVEs (1)

  • CVE-2024-2663HigApr 30, 2024
    risk 0.54cvss 8.3epss 0.00

    The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $_GET['image'] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating…