CVE-2011-4568
NONE EPSS 77.6%
Published Nov 29, 201114y ago · Modified Jun 16, 20262w ago
Published Nov 29, 2011 14y ago
Last Modified Jun 16, 2026 2w ago
Description
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.
Threat Intelligence
EPSS Exploit Probability
77.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 27
| Vendor | Product | Version | Range |
|---|---|---|---|
| foliovision | fv_wordpress_flowplayer_plugin | * | ≤1.12.11 |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.12 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.13 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.14 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.15 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.16 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 0.9.18 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.1 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.2 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.3 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.4 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.5 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.0.6 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.1.0 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.0 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.1 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.2 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.3 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.4 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.5 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.6 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.7 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.8 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.9 | any |
| foliovision | fv_wordpress_flowplayer_plugin | 1.2.10 | any |
| wordpress | wordpress | * | any |
References 4
- plugins.trac.wordpress.org http://plugins.trac.wordpress.org/changeset?reponame=&new=413607%40fv-wordpress-flowplayer&old=409594%40fv-wordpress-flowplayer
- secunia.com http://secunia.com/advisories/46346
- wordpress.org http://wordpress.org/extend/plugins/fv-wordpress-flowplayer/changelog/
- securityfocus.com http://www.securityfocus.com/bid/50008
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.