Foliovision — Vulnerabilities & Security Advisories (16)

Browse all 16 CVE security advisories affecting Foliovision. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Foliovision develops WordPress plugins and themes, primarily for video and media management. Historically, their products have frequently contained cross-site scripting (XSS) vulnerabilities, remote code execution (RCE) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across their portfolio suggests a need for improved security practices. The 16 CVEs on record indicate recurring issues that could allow attackers to compromise websites, manipulate content, or gain unauthorized access, particularly in environments where their plugins are deployed with default configurations or outdated versions.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-68579 | WordPress FV Simpler SEO plugin <= 1.9.6 - Broken Access Control vulnerability | FV Simpler SEO | CWE-862 | 5.3 | Medium | 2025-12-24 |
| CVE-2025-66102 | WordPress FV Antispam plugin <= 2.7 - Cross Site Scripting (XSS) vulnerability | FV Antispam | CWE-79 | 7.1 | High | 2025-12-18 |
| CVE-2025-32610 | WordPress Foliopress WYSIWYG plugin <= 2.6.18 - CSRF to Stored XSS vulnerability | Foliopress WYSIWYG | CWE-352 | 7.1 | High | 2025-04-09 |
| CVE-2025-22628 | WordPress Filled In Plugin <= 1.9.2 - CSRF to Stored XSS vulnerability | Filled In | CWE-79 | 7.1 | High | 2025-03-27 |
| CVE-2025-24613 | WordPress FV Thoughtful Comments plugin <= 0.3.5 - Broken Access Control vulnerability | FV Thoughtful Comments | CWE-862 | 4.3 | Medium | 2025-01-24 |
| CVE-2024-56032 | WordPress FV Descriptions plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | FV Descriptions | CWE-79 | 7.1 | High | 2025-01-02 |
| CVE-2024-6338 | FV Player <= 7.5.46.7212 - Authenticated (Subscriber+) SQL Injection via exclude Parameter | FV Flowplayer Video Player | CWE-89 | 8.8 | High | 2024-07-19 |
| CVE-2024-35631 | WordPress FV Flowplayer Video Player plugin <= 7.5.45.7212 - Cross Site Scripting (XSS) vulnerability | FV Flowplayer Video Player | CWE-79 | 7.1 | High | 2024-06-03 |
| CVE-2024-32078 | WordPress FV Player plugin <= 7.5.44.7212 - Unvalidated Redirects and Forwards vulnerability | FV Flowplayer Video Player | CWE-601 | 4.1 | Medium | 2024-04-24 |
| CVE-2024-32955 | WordPress FV Flowplayer Video Player plugin <= 7.5.43.7212 - Server Side Request Forgery (SSRF) vulnerability | FV Flowplayer Video Player | CWE-918 | 4.9 | Medium | 2024-04-24 |
| CVE-2023-4520 | FV Flowplayer Video Player <= 7.5.37.7212 - Insufficient Input Validation to Unauthenticated Stored Cross-Site Scripting and Arbitrary Usermeta Update | FV Flowplayer Video Player | CWE-79 | 5.4 | Medium | 2023-08-25 |
| CVE-2023-30499 | WordPress FV Flowplayer Video Player Plugin <= 7.5.32.7212 is vulnerable to Cross Site Scripting (XSS) | FV Flowplayer Video Player | CWE-79 | 7.1 | High | 2023-08-18 |
| CVE-2023-25066 | WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF) | FV Flowplayer Video Player | CWE-352 | 4.3 | Medium | 2023-02-14 |
| CVE-2022-25613 | WordPress FV Flowplayer Video Player plugin <= 7.5.18.727 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability | FV Flowplayer Video Player (WordPress plugin) | CWE-79 | 4.1 | Medium | 2022-04-04 |
| CVE-2022-25607 | WordPress FV Flowplayer Video Player plugin <= 7.5.15.727 - SQL Injection (SQLi) vulnerability | FV Flowplayer Video Player (WordPress plugin) | CWE-89 | 6.6 | Medium | 2022-03-18 |
| CVE-2018-0642 | FV Flowplayer Video Player cross-site scripting vulnerability | FV Flowplayer Video Player | | 6.1 | - | 2018-09-07 |

This page lists every published CVE security advisory associated with Foliovision. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.