Foliovision Fv Flowplayer Video Player
9 CVEs affecting Foliovision Fv Flowplayer Video Player. Latest disclosed: 2024-12-04. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6338 | High | 8.8 | 2024-07-19 | The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including… |
CVE-2024-35631 | High | 7.1 | 2024-06-03 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Refl… |
CVE-2023-30499 | High | 7.1 | 2023-08-18 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions. |
CVE-2024-5020 | Medium | 6.4 | 2024-12-04 | Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in… |
CVE-2023-4520 | Medium | 5.4 | 2023-08-25 | The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save'… |
CVE-2024-32955 | Medium | 4.9 | 2024-04-24 | Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5… |
CVE-2023-25066 | Medium | 4.3 | 2023-02-14 | Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions. |
CVE-2024-32078 | Medium | 4.1 | 2024-04-24 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from… |
CVE-2018-0642 | | 2018-09-07 | Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified… |