CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35631 – WordPress FV Flowplayer Video Player plugin <= 7.5.45.7212 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-35631
27 May 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.45.7212. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Foliovision FV Flowplayer Video Player permite el XSS reflejado. Este problema afecta al FV Flowplayer Video Player: desde n/a hasta 7... • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-45-7212-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32955 – WordPress FV Flowplayer Video Player plugin <= 7.5.43.7212 - Server Side Request Forgery (SSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-32955
22 Apr 2024 — Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.43.7212. Vulnerabilidad de Server-Side Request Forgery (SSRF) en Foliovision FV Flowplayer Video Player. Este problema afecta al FV Flowplayer Video Player: desde n/a hasta 7.5.43.7212. The FV Flowplayer Video Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.5.43.7212. This makes it possi... • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-43-7212-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32078 – WordPress FV Player plugin <= 7.5.44.7212 - Unvalidated Redirects and Forwards vulnerability
https://notcve.org/view.php?id=CVE-2024-32078
11 Apr 2024 — URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212. Vulnerabilidad de redirección de URL a sitio no confiable ("Open Redirect") en Foliovision FV Flowplayer Video Player. Este problema afecta a FV Flowplayer Video Player: desde n/a hasta 7.5.44.7212. The FV Flowplayer Video Player plugin for WordPress is vulnerable to unauthorized redirects in all versions up to, and including... • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-player-plugin-7-5-44-7212-unvalidated-redirects-and-forwards-vulnerability?_s_id=cve • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22299 – WordPress FV Player plugin <= 7.5.41.7212 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-22299
26 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en Foliovision: Making the web work for you FV Flowplayer Video Player permite XSS reflejado. Este problema afecta a FV Flow... • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-player-plugin-7-5-41-7212-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29122 – WordPress FV Player plugin <= 7.5.41.7212 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-29122
16 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Stored XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en Foliovision: hacer que la web funcione para usted FV Flowplayer Video Player permite almacenar XSS. Este problema afecta a F... • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-player-plugin-7-5-41-7212-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •