CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

180 matches found

Radio Player <= 2.0.82 - Server-Side Request Forgery

The Radio Player Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.82. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

7.2CVSS7.2AI score0.8095EPSS

Exploits1References4

Patchstack•added 2026/05/01 9:17 a.m.•1 views

WordPress Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player plugin <= 2.0.82 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Radio Player versions = 2.0.82...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/24 3:18 p.m.•6 views

CVE-2026-24548

Server-Side Request Forgery SSRF vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References1

NVD•added 2026/01/23 3:16 p.m.•1 views

CVE-2026-24548

Server-Side Request Forgery SSRF vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

5.4CVSS0.00049EPSS

Exploits0References1

Cvelist•added 2026/01/23 2:28 p.m.•25 views

CVE-2026-24548 WordPress Radio Player plugin <= 2.0.91 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

5.4CVSS0.00049EPSS

Exploits0References1

ATTACKERKB•added 2026/01/23 2:28 p.m.•2 views

CVE-2026-24548

Server-Side Request Forgery SSRF vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

5.3CVSS5.9AI score0.00049EPSS

Exploits0References2

CVE•added 2026/01/23 2:28 p.m.•14 views

CVE-2026-24548

Summary: CVE-2026-24548 is a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin “Radio Player” (radio-player) affecting versions up to and including 2.0.91. The issue is publicly documented by multiple sources (Wordfence vulnerability report and CVE/NVD entries). Impact is l...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References1

Vulnrichment•added 2026/01/23 2:28 p.m.•2 views

CVE-2026-24548 WordPress Radio Player plugin <= 2.0.91 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References1

Patchstack•added 2026/01/23 10:44 a.m.•5 views

WordPress Radio Player plugin <= 2.0.91 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Radio Player versions = 2.0.91...

5.3CVSS5.4AI score0.00049EPSS

Exploits0Affected Software1

CNNVD•added 2026/01/23 12:0 a.m.•3 views

WordPress plugin Radio Player code vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References1

Positive Technologies•added 2026/01/23 12:0 a.m.•1 views

PT-2026-4392

Name of the Vulnerable Software and Affected Versions Prince Radio Player versions through 2.0.91 Description A Server-Side Request Forgery SSRF vulnerability exists in Prince Radio Player. This issue allows for Server Side Request Forgery. Recommendations Update to a version later than 2.0.91...

5.3AI score0.00049EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 9:25 a.m.•8 views

CVE-2023-4024

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteplayer function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to delete player instances...

5.3CVSS6.7AI score0.00239EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:25 a.m.•1 views

CVE-2023-4025

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateplayer function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances...

5.3CVSS5.4AI score0.00358EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:24 a.m.•1 views

CVE-2023-4027

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesettings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings...

5.3CVSS5.4AI score0.00372EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:6 a.m.•8 views

CVE-2024-34753

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

5.3CVSS6.9AI score0.00111EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:14 a.m.•4 views

CVE-2024-2906

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

6.5CVSS8.6AI score0.00208EPSS

Exploits0References1