The FV Flowplayer Video Player plugin for WordPress has a security vulnerability that could be used by attackers. It affects versions from 7.5.32.7212 and earlier. It is possible for attackers to insert malicious code into the website through the ‘id’ parameter if they can get a user to click on a link. This is because the plugin does not properly secure the input or output.