Skip to main content

Web Dorado Spider Video Player

3 CVEs product

Monthly

CVE-2015-4352 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Web Dorado Spider Video Player
NVD
CVSS 2.0
5.8
EPSS
0.1%
CVE-2015-4351 MEDIUM This Month

The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Web Dorado Spider Video Player
NVD
CVSS 2.0
4.9
EPSS
0.6%
CVE-2014-8584 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress Web Dorado Spider Video Player
NVD
CVSS 2.0
4.3
EPSS
0.7%
EPSS 0% CVSS 5.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Web Dorado Spider Video Player
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Web Dorado Spider Video Player
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress Web Dorado Spider Video Player
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy