13 matches found
EUVD-2025-28148
Malicious code in bioql PyPI...
CVE-2025-48163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support lbg-audio8-html5-radio-ads allows Reflected XSS.This issue affects SHOUT - HTML5 Radio Player With Ads - ShoutCast a...
CVE-2025-48163
CVE-2025-48163 is a Reflected Cross-Site Scripting vulnerability in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support. Affected versions are up to 3.5.4; the CVSS v3.1 base score is 7.1 (HIGH). The issue arises from improper input neutralization during web page gene...
CVE-2025-53205 WordPress Radio Player Shoutcast & Icecast <= 4.4.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Radio Player Shoutcast & Icecast allows Reflected XSS. This issue affects Radio Player Shoutcast & Icecast: from n/a through 4.4.7...
CVE-2025-53205 WordPress Radio Player Shoutcast & Icecast <= 4.4.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Radio Player Shoutcast & Icecast lbg-audio4-html5-shoutcast allows Reflected XSS.This issue affects Radio Player Shoutcast & Icecast: from n/a through = 4.4.7...
CVE-2025-53205
The CVE-2025-53205 entry refers to a Reflected XSS in LambertGroup Radio Player Shoutcast & Icecast (WordPress plugin lbg-audio4-html5-shoutcast) up to version 4.4.7. Root cause: Improper neutralization of input during web page generation. Impact: potential execution of malicious scripts in a use...
PT-2025-33971 · Lambertgroup · Lambertgroup Radio Player Shoutcast & Icecast
Name of the Vulnerable Software and Affected Versions: LambertGroup Radio Player Shoutcast & Icecast versions through 4.4.7 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting condition. This allows f...
WordPress Radio Player Shoutcast & Icecast <= 4.4.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Radio Player Shoutcast & Icecast versions = 4.4.7...
CVE-2025-32306 WordPress Radio Player Shoutcast & Icecast theme <= 4.4.6 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Radio Player Shoutcast & Icecast WordPress Plugin audio4-html5 allows Blind SQL Injection.This issue affects Radio Player Shoutcast & Icecast WordPress Plugin: from n/a through = 4.4.6...
WordPress plugin Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Shoutcast and Icecast HTML5 Web Radio...
CVE-2024-8666 Shoutcast Icecast HTML5 Radio Player <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Shoutcast Icecast HTML5 Radio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'html5radio' shortcode in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Shoutcast Icecast HTML5 Radio Player plugin <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Krzysztof Zając in WordPress Plugin Shoutcast Icecast HTML5 Radio Player versions = 2.1.6...
backroadsandbeyondradio.com XSS vulnerability
Vulnerable URL: http://backroadsandbeyondradio.com/wp-content/plugins/shoutcast-icecast-html5-radio-player/html5/html5shoutcast.php?id=%3C/title%3E%3C/script/%22-alert%280%29-%22--%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.201...