Foliovision

Fv Flowplayer Video Player

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-49773

  • EPSS 0.17%
  • Veröffentlicht 15.06.2026 20:19:26
  • Zuletzt bearbeitet 15.06.2026 21:24:32

Subscriber Cross Site Scripting (XSS) in FV Flowplayer Video Player < 7.5.51.7212 versions.

7.2

CVE-2026-7556

  • EPSS 0.24%
  • Veröffentlicht 09.06.2026 02:28:48
  • Zuletzt bearbeitet 09.06.2026 13:33:34

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanitization and output escaping. This makes it possible...

8.8

CVE-2024-6338

  • EPSS 0.51%
  • Veröffentlicht 19.07.2024 08:15:02
  • Zuletzt bearbeitet 21.11.2024 09:49:27

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of suffic...

7.1

CVE-2024-35631

  • EPSS 0.27%
  • Veröffentlicht 03.06.2024 11:15:11
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.45.7212.

4.1

CVE-2024-32078

  • EPSS 0.34%
  • Veröffentlicht 24.04.2024 16:15:09
  • Zuletzt bearbeitet 28.04.2026 19:24:31

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212.

4.9

CVE-2024-32955

  • EPSS 0.25%
  • Veröffentlicht 24.04.2024 07:15:49
  • Zuletzt bearbeitet 28.04.2026 19:25:02

Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.43.7212.

7.1

CVE-2024-22299

  • EPSS 0.39%
  • Veröffentlicht 27.03.2024 06:15:14
  • Zuletzt bearbeitet 28.04.2026 19:23:15

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a thr...

6.5

CVE-2024-29122

  • EPSS 0.34%
  • Veröffentlicht 19.03.2024 15:15:10
  • Zuletzt bearbeitet 28.04.2026 19:23:43

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Stored XSS.This issue affects FV Flowplayer Video Player: from n/a throug...

6.1

CVE-2023-4520

  • EPSS 0.47%
  • Veröffentlicht 25.08.2023 03:15:09
  • Zuletzt bearbeitet 08.04.2026 19:18:31

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update v...

6.1

CVE-2023-30499

  • EPSS 0.4%
  • Veröffentlicht 18.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:17

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions.