Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/12/19 7:21 a.m.13 views

WordPress HTML5 Audio Player plugin 2.4.0-2.5.1 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by kr0d in WordPress Plugin Html5 Audio Player versions 2.4.0-2.5.1...

7.2CVSS6.8AI score0.00186EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/19 6:48 a.m.4 views

CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery

The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...

7.2CVSS5.8AI score0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/19 6:48 a.m.4 views

EUVD-2025-204469

The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...

7.2CVSS5.7AI score0.00186EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/19 6:48 a.m.25 views

CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery

The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...

7.2CVSS0.00186EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/10/19 9:30 a.m.5 views

com.gitee.pulanos.pangu:pangu-gateway-spring-boot-starter (>=5.0.7 <=5.1.0), io.github.shuigedeng:taotao-cloud-starter-actuator (=2023.08) +330 more potentially affected by CVE-2023-25753 via org.apache.shenyu:shenyu-common (>=2.4.0 <=2.5.1)

org.apache.shenyu:shenyu-common MAVEN version =2.4.0, =5.0.7, =2022.09, =2023.2.01, =2022.11, =2022.11, =2022.11, =2022.09, =2023.02, =2022.11, =2022.11, =2023.04, =2022.11, =2022.11, =2022.09, =2022.10 and more Source cves: CVE-2023-25753 Source a...

6.5CVSS6.5AI score0.00838EPSS
Exploits0
Rows per page
Query Builder