WordPress Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player plugin <= 2.0.82 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Radio Player versions = 2.0.82...

CVE-2026-24548 WordPress Radio Player plugin <= 2.0.91 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...

CVE-2023-4027

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesettings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings...

EUVD-2023-53917

Malicious code in bioql PyPI...

EUVD-2023-53918

Malicious code in bioql PyPI...

EUVD-2023-53920

Malicious code in bioql PyPI...

CVE-2024-8267

The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input...

WordPress Radio Player plugin <= 2.0.83 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Malvin Valerian Gultom Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.83...

CVE-2024-8267

The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input...

CVE-2023-4027

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesettings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings...

PT-2024-12877 · WordPress · Radio Player

Name of the Vulnerable Software and Affected Versions: Radio Player plugin for WordPress versions up to, and including, 2.0.73 Description: The issue allows unauthorized modification of data due to a missing capability check on the update settings function. This makes it possible for...

CVE-2024-34753 WordPress Radio Player plugin <= 2.0.73 - Broken Access Control vulnerability

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

WordPress Radio Player plugin <= 2.0.73 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.73...

WordPress Radio Player Plugin <= 2.0.73 is vulnerable to Sensitive Data Exposure

Software Radio Player Type Plugin Vulnerable versions = 2.0.73 Fixed in 2.0.74 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-32506 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4e6e2407c28d Credits Steven Julian Required...