Medium 6.4
2024-12-04< 7.5.48.7212
Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library
FV Flowplayer Video Player
Minimum safe version
7.5.48.7212
Update to 7.5.48.7212 or later to address 33 fixable vulnerabilities
Latest available7.5.50.7212 ✓Affected up to7.5.2.727 ⚠
High 8.8
2024-07-19< 7.5.47.7212
CVE-2024-6338
High 7.1
2024-06-03< 7.5.46.7212
CVE-2024-35631
Medium 4.9
2024-04-24< 7.5.45.7212
CVE-2024-32955
Medium 4.1
2024-04-24< 7.5.45.7212
CVE-2024-32078
High 7.1
2024-03-27< 7.5.44.7212
CVE-2024-22299
Medium 6.5
2024-03-19< 7.5.44.7212
CVE-2024-29122
Medium 6.1
2023-08-25< 7.5.39.7212
CVE-2023-4520
N/A
2023-08-24< 7.5.39.7212
FV Flowplayer Video Player <= 7.5.37.7212 - Insufficient Input Validation to Unauthenticated Stored Cross-Site Scripting and Arbitrary Usermeta Update
N/A
< 6.0.3.4
FV Flowplayer Video Player <= 6.0.3.3 - Authenticated Stored Cross-Site Scripting (XSS)
N/A
< 7.2.1.727
FV Flowplayer Video Player <= 7.2.0.727 - Authenticated Cross-Site Scripting (XSS)
N/A
< 7.3.15.727
FV Flowplayer Video Player <= 7.3.14.727 - CSV Export
N/A
< 7.5.3.727
FV Flowplayer Video Player < 7.5.3.727 - Reflected Cross-Site Scripting
High 7.1
2023-08-18< 7.5.35.7212
CVE-2023-30499
Medium 4.3
2023-02-14< 7.5.31.7212
CVE-2023-25066
N/A
2015-08-24< 6.0.3.4
FV Flowplayer Video Player <= 6.0.3.3 - Stored Cross-Site Scripting
N/A
2018-09-21< 7.2.1.727
FV Flowplayer Video Player <= 7.2.0.727 - Reflected Cross-Site Scripting
N/A
2019-05-16< 7.3.15.727
FV Flowplayer Video Player <= 7.3.14.727 - Unauthenticated SQL Injection
N/A
2019-05-16< 7.3.15.727
FV Flowplayer Video Player <= 7.3.14.727 - Sensitive Data Exposure
N/A
2015-08-24< 6.0.3.4
WordPress Flowplayer Plugin <= 6.0.3.3 - Stored Cross Site Scripting
N/A
2018-10-03< 7.2.1.727
WordPress FV Flowplayer Video Player plugin <= 7.2.0.727 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2019-05-21< 7.3.14.727
WordPress FV Flowplayer Video Player plugin <= 7.3.13.727 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-05-21< 7.3.15.727
WordPress FV Flowplayer Video Player plugin <= 7.3.14.727 - SQL Injection (SQLi) vulnerability
N/A
2019-05-21< 7.3.15.727
WordPress FV Flowplayer Video Player plugin <= 7.3.14.727 - CSV Export vulnerability
N/A
2019-07-13< 7.3.19.727
WordPress FV Flowplayer Video Player plugin <= 7.3.18.727 - SQL Injection (SQLi) vulnerability
Medium 5.4
2022-04-04< 7.5.19.728
CVE-2022-25613
High 7.2
2022-03-18< 7.5.18.727
CVE-2022-25607
N/A
2011-11-29< 1.2.12
CVE-2011-4568
Medium 6.1
2018-09-09≥ 6.1.2 and ≤ 6.6.4
WordPress FV Flowplayer Video Player plugin <=6.6.4 - Cross-Site Scripting (XSS) vulnerability
Critical 9.8
2019-07-17< 7.3.19.727
CVE-2019-13573
Critical 9.8
2019-08-09< 7.3.15.727
CVE-2019-14801
Medium 6.1
2019-08-09< 7.3.14.727
CVE-2019-14799
Medium 5.3
2019-08-15< 7.3.15.727
CVE-2019-14800
Medium 5.4
2021-01-15< 7.4.37.727
CVE-2020-35748
Medium 6.1
2021-10-06≥ 7.5.0.727 and ≤ 7.5.2.727
CVE-2021-39350