← volver
CVE-2022-25613

WordPress FV Flowplayer Video Player plugin <= 7.5.18.727 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

CVSS 4.1 MEDIUMEPSS 0.5%CWE-79
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in FV Flowplayer Video Player (WordPress plugin) versions <= 7.5.18.727 via &fv_wp_flowplayer_field_splash parameter.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
Productos afectados
FolioVision · FV Flowplayer Video Player (WordPress plugin)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-18-727-authenticated-persistent-cross-site-scripting-xss-vulnerabilityhttps://wordpress.org/plugins/fv-wordpress-flowplayer/#developers