Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fv_flowplayer_video_player
(Foliovision)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-06 | CVE-2021-39350 | The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727. | Fv_flowplayer_video_player | 6.1 | ||
| 2021-01-15 | CVE-2020-35748 | Cross-site scripting (XSS) vulnerability in models/list-table.php in the FV Flowplayer Video Player plugin before 7.4.37.727 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the fv_wp_fvvideoplayer_src JSON field in the data parameter. | Fv_flowplayer_video_player | 5.4 | ||
| 2022-03-18 | CVE-2022-25607 | Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727). | Fv_flowplayer_video_player | 7.2 |