Vulnerabilities > Foliovision

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-14799 Cross-site Scripting vulnerability in Foliovision FV Flowplayer Video Player
The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS.
network
low complexity
foliovision CWE-79
6.1
2019-07-17 CVE-2019-13573 SQL Injection vulnerability in Foliovision FV Flowplayer Video Player
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress.
network
low complexity
foliovision CWE-89
critical
9.8
2018-09-07 CVE-2018-0642 Cross-site Scripting vulnerability in Foliovision FV Flowplayer Video Player
Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2014-01-08 CVE-2014-1232 Cross-Site Scripting vulnerability in Foliovision Foliopress Wysiwyg
Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plugin before 2.6.8.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2011-11-29 CVE-2011-4568 Cross-Site Scripting vulnerability in Foliovision FV Wordpress Flowplayer Plugin
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.
4.3