Vendor

FWDesign

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2025-28955	FWDesign Easy Video Player Wordpress & WooCommerce	Hig	0.49	7.5	Jul 16, 2025	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through <= 10.0.
CVE-2025-49430	FWDesign Ultimate Video Player	Hig	0.47	7.2	Sep 9, 2025	Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player fwduvp allows Server Side Request Forgery.This issue affects Ultimate Video Player: from n/a through <= 10.1.
CVE-2025-49432	FWDesign Ultimate Video Player	Med	0.34	5.3	Aug 15, 2025	Missing Authorization vulnerability in FWDesign Ultimate Video Player fwduvp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Video Player: from n/a through <= 10.1.

CVE-2025-28955HigJul 16, 2025
FWDesign
Easy Video Player Wordpress & WooCommerce
risk 0.49cvss 7.5epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FWDesign Easy Video Player Wordpress & WooCommerce fwdevp allows Path Traversal.This issue affects Easy Video Player Wordpress & WooCommerce: from n/a through <= 10.0.
CVE-2025-49430HigSep 9, 2025
FWDesign
Ultimate Video Player
risk 0.47cvss 7.2epss 0.00
Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player fwduvp allows Server Side Request Forgery.This issue affects Ultimate Video Player: from n/a through <= 10.1.
CVE-2025-49432MedAug 15, 2025
FWDesign
Ultimate Video Player
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in FWDesign Ultimate Video Player fwduvp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Video Player: from n/a through <= 10.1.