5 matches found
WordPress HTML5 Audio Player plugin 2.4.0-2.5.1 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by kr0d in WordPress Plugin Html5 Audio Player versions 2.4.0-2.5.1...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
EUVD-2025-204469
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
com.gitee.pulanos.pangu:pangu-gateway-spring-boot-starter (>=5.0.7 <=5.1.0), io.github.shuigedeng:taotao-cloud-starter-actuator (=2023.08) +330 more potentially affected by CVE-2023-25753 via org.apache.shenyu:shenyu-common (>=2.4.0 <=2.5.1)
org.apache.shenyu:shenyu-common MAVEN version =2.4.0, =5.0.7, =2022.09, =2023.2.01, =2022.11, =2022.11, =2022.11, =2022.09, =2023.02, =2022.11, =2022.11, =2023.04, =2022.11, =2022.11, =2022.09, =2022.10 and more Source cves: CVE-2023-25753 Source a...