CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...

WordPress Responsive HTML5 Audio Player PRO With Playlist <= 3.5.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Responsive HTML5 Audio Player PRO With Playlist versions = 3.5.8...

CVE-2024-37445

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23...

CVE-2024-25098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pascal Bajorat PB oEmbed HTML5 Audio – with Cache Support allows Stored XSS.This issue affects PB oEmbed HTML5 Audio – with Cache Support: from n/a through 2.6...

CVE-2023-0170

The Html5 Audio Player WordPress plugin before 2.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2021-24412

The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious...

CVE-2016-0796

WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. An attacker may leverage these issues to hide attacks directed at a...

CVE-2025-32307

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Chameleon HTML5 Audio Player With/Without Playlist lbg-audio1-html5 allows SQL Injection.This issue affects Chameleon HTML5 Audio Player With/Without Playlist: from n/a through = 3.5.6...

CVE-2025-32287

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows SQL Injection.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through = 3.5.7...

CVE-2025-32307 WordPress Chameleon HTML5 Audio Player With/Without Playlist <= 3.5.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Chameleon HTML5 Audio Player With/Without Playlist allows SQL Injection. This issue affects Chameleon HTML5 Audio Player With/Without Playlist: from n/a through 3.5.6...

CVE-2025-32307

CVE-2025-32307 affects LambertGroup Chameleon HTML5 Audio Player With/Without Playlist (plugin slug lbg-audio1-html5), vulnerable through version 3.5.6 due to improper neutralization of special elements in SQL commands (SQL Injection). The CVE’s technical details in connected sources confirm an S...

WordPress plugin Chameleon HTML5 Audio Player With/Without Playlist SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-39524

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

WordPress Html5 Audio Player plugin <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Html5 Audio Player versions = 2.2.28...

CVE-2025-39524

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

CVE-2025-39524 WordPress Html5 Audio Player plugin <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

CVE-2025-39524

CVE-2025-39524 is a stored XSS vulnerability in the WordPress Html5 Audio Player plugin. The issue arises from improper neutralization of script-related HTML tags in the plugin and affects Html5 Audio Player versions up to and including 2.2.28. If exploited, an attacker could inject scripted cont...

CVE-2025-39524 WordPress Html5 Audio Player plugin <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

WordPress plugin Html5 Audio Player 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...

CVE-2024-37445

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23...