CVE-2019-14800
NONE EPSS 71.4%
Published Aug 15, 20196y ago · Modified Jun 17, 20262w ago
Published Aug 15, 2019 6y ago
Last Modified Jun 17, 2026 2w ago
Description
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI.
Threat Intelligence
EPSS Exploit Probability
71.4% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| foliovision | fv_flowplayer_video_player | * | <7.3.15.727 |
References 2
- wordpress.org https://wordpress.org/plugins/fv-wordpress-flowplayer/#developers
- pluginvulnerabilities.com https://www.pluginvulnerabilities.com/2019/05/15/information-disclosure-vulnerability-in-fv-player-fv-flowplayer-video-player/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.