CVE-2019-14801: SQL Injection
First published: Fri Aug 09 2019(Updated: )
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Flowplayer | <7.3.15.727 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-14801.
What is the severity of CVE-2019-14801?
The severity of CVE-2019-14801 is critical with a severity value of 9.8.
What is affected by CVE-2019-14801?
The FV Flowplayer Video Player plugin version up to 7.3.15.727 for WordPress is affected by CVE-2019-14801.
What is the impact of CVE-2019-14801?
CVE-2019-14801 allows SQL injection through email subscriptions, which can lead to unauthorized access to the database and potential data leakage.
How do I fix CVE-2019-14801?
To fix CVE-2019-14801, it is recommended to update the FV Flowplayer Video Player plugin to version 7.3.15.727 or later.
- agent/type
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/foliovision
- canonical/flowplayer