Skip to main content

Mp3 Audio Player For Music Radio Podcast

7 CVEs product

Monthly

CVE-2024-10268 MEDIUM PATCH This Month

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sonaar_audioplayer shortcode in all versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-7856 HIGH PATCH Act Now

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 77.0%.

Authentication Bypass RCE WordPress PHP Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
8.1
EPSS
77.0%
CVE-2024-5664 MEDIUM PATCH This Month

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-31343 HIGH This Week

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.10.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-30530 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-30487 HIGH This Week

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.1. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2021-24624 MEDIUM POC This Month

The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Mp3 Audio Player For Music Radio Podcast
NVD WPScan
CVSS 3.1
4.8
EPSS
0.6%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sonaar_audioplayer shortcode in all versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Mp3 Audio Player For Music Radio Podcast
NVD
EPSS 77% CVSS 8.1
HIGH PATCH Act Now

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 77.0%.

Authentication Bypass RCE WordPress +2
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Mp3 Audio Player For Music Radio Podcast
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.10.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mp3 Audio Player For Music Radio Podcast
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mp3 Audio Player For Music Radio Podcast
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.1. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mp3 Audio Player For Music Radio Podcast
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Mp3 Audio Player For Music Radio Podcast
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy