Documentation: Home / Vulnerabilities / Input validation vulnerability in FV Flowplayer Video Player 7.5.2.727

Latest

Input validation vulnerability in FV Flowplayer Video Player 7.5.2.727

CVE-2021-39350

Severity: medium-risk
Status: Fixed
Publication: October 5, 2021

The FV Flowplayer Video Player WordPress plugin has a security issue that could allow attackers to run malicious code on the website. This affects versions 7.5.0.727 to 7.5.2.727. Attackers can use the player_id parameter in the ~/view/stats.php file to inject web scripts into the website.

Detected in:

FV Flowplayer Video Player fixed vulnerable versions: >= 7.5.0.727 <= 7.5.2.727

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Protecting site visitors with Security Headers

Hardening your website’s security

Input validation vulnerability in FV Flowplayer Video Player 7.5.2.727

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Protecting site visitors with Security Headers

Hardening your website’s security

Input validation vulnerability in FV Flowplayer Video Player 7.5.2.727

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles