WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

FV Flowplayer Video Player <= 7.2.0.727 - Authenticated Cross-Site Scripting (XSS)

Description

The FV Flowplayer Video Player WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

fv-wordpress-flowplayer
Fixed in version 7.2.1.727

References

URL
https://plugins.trac.wordpress.org/changeset/1944220/fv-wordpress-flowplayer
URL
https://packetstormsecurity.com/files/149466/

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Janek Vind "waraxe"

Submitter

Ryan Dewhurst

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
4db87ba4-6e12-4cb4-b3da-bb5e29b6c908

Timeline

Publicly Published

2018-09-21 (about 3 years ago)

Added

2018-09-24 (about 3 years ago)

Last Updated

2019-11-01 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin