Foliovision : Security Vulnerabilities, CVEs, CVSS score >= 7
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions.
Max CVSS
7.1
EPSS Score
0.05%
Published
2023-08-18
Updated
2023-08-22
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-02-14
Updated
2023-02-22
Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727).
Max CVSS
7.2
EPSS Score
0.09%
Published
2022-03-18
Updated
2022-03-25
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection.
Max CVSS
9.8
EPSS Score
0.14%
Published
2019-08-09
Updated
2019-08-14
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
Max CVSS
10.0
EPSS Score
0.24%
Published
2019-07-17
Updated
2023-03-01
6 vulnerabilities found