Documentation: Home / Vulnerabilities / Input validation vulnerability in FV Flowplayer Video Player 7.2.0.727

Latest

Input validation vulnerability in FV Flowplayer Video Player 7.2.0.727

Severity: medium-risk
Status: Fixed
Publication: September 21, 2018

The FV Flowplayer Video Player plugin for WordPress is a program that can be used to add videos to WordPress websites. Unfortunately, it is vulnerable to a type of attack called Reflected Cross-Site Scripting, which can be used by unauthenticated attackers to inject malicious code into WordPress pages. This vulnerability exists in versions up to and including 7.2.0.727 due to the plugin not properly sanitizing and encoding user input. Attackers can take advantage of this by creating malicious links which, if clicked on, can cause the malicious code to be executed.

Detected in:

FV Flowplayer Video Player fixed vulnerable versions: >= * <= 7.2.0.727

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Protecting site visitors with Security Headers

Hardening your website’s security

Login protection as essential security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Password has been found in a data breach

Input validation vulnerability in FV Flowplayer Video Player 7.2.0.727

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles