WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

FV Flowplayer Video Player <= 7.3.14.727 - SQL Injection

Description

Changelog states:

"Security - fix for SQL injection vulnerability in email subscription"

Affects Plugins

fv-wordpress-flowplayer
Fixed in version 7.3.15.727

References

CVE
CVE-2019-14801
CVE
CVE-2019-14800
URL
https://plugins.trac.wordpress.org/changeset/2088973/fv-wordpress-flowplayer

Classification

Type

SQLI

OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter

Ryan Dewhurst

Submitter website
https://wpscan.io
Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
ffe296dc-a3c9-4a99-ae25-8b41f95e9443

Timeline

Publicly Published

2019-05-20 (about 2 years ago)

Added

2019-05-20 (about 2 years ago)

Last Updated

2020-09-22 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin