Cross-site request forgery (CSRF) vulnerability in the JW Player plugin prior to 2.1.4 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that remove players via a delete action to wp-admin/admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
longtailvideo jw player for flash \\& html5 video plugin 2.0.4 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.0.3 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.0.2 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.0.1 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.1.1 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.0.5 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.0.0 |
||
longtailvideo jw player for flash \\& html5 video plugin |
||
longtailvideo jw player for flash \\& html5 video plugin 2.1.2 |
||
longtailvideo jw player for flash \\& html5 video plugin 2.1.0 |