Vulnerability Description
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foliovision | Fv Flowplayer Video Player | < 7.3.19.727 |
Related Weaknesses (CWE)
References
- https://fortiguard.com/zeroday/FG-VD-19-097Third Party Advisory
- https://plugins.trac.wordpress.org/changeset/2121566/fv-wordpress-flowplayer/truPatch
- https://wordpress.org/plugins/fv-wordpress-flowplayer/#developersRelease Notes
- https://wpvulndb.com/vulnerabilities/9451Third Party Advisory
- https://fortiguard.com/zeroday/FG-VD-19-097Third Party Advisory
- https://plugins.trac.wordpress.org/changeset/2121566/fv-wordpress-flowplayer/truPatch
- https://wordpress.org/plugins/fv-wordpress-flowplayer/#developersRelease Notes
- https://wpvulndb.com/vulnerabilities/9451Third Party Advisory
FAQ
What is CVE-2019-13573?
CVE-2019-13573 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker t...
How severe is CVE-2019-13573?
CVE-2019-13573 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-13573?
Check the references section above for vendor advisories and patch information. Affected products include: Foliovision Fv Flowplayer Video Player.