Streamcast Radio Player
Monthly
The StreamCast - Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The StreamCast - Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.