3 matches found
WordPress Luna Web Radio Player plugin <= 6.24.11.07 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Luna Web Radio Player versions = 6.24.11.07...
WordPress Luna Web Radio Player plugin <= 6.24.01.24 - Unauthenticated Arbitrary File Read vulnerability
Unauthenticated Arbitrary File Read vulnerability discovered by Tonn in WordPress Plugin Luna Web Radio Player versions = 6.24.01.24...
WordPress Luna Web Radio Player Plugin <= 6.24.01.24 is vulnerable to Directory Traversal
Software Luna Web Radio Player Type Plugin Vulnerable versions = 6.24.01.24 Fixed in 6.24.11.07 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-10816 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 24e0a47712fe Credits Tonn Required privilege...