133 matches found
WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar Plugin <= 4.10 is vulnerable to Broken Access Control
Software MP3 Audio Player for Music, Radio & Podcast by Sonaar Type Plugin Vulnerable versions = 4.10 Fixed in 4.10.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47822 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 8b88ee16e64b...
WordPress Sonaar Music 4.7 Cross Site Scripting
Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Date: 2023-09-05 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...
Wordpress Sonaar Music Plugin 4.7 - Stored XSS Vulnerability
Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...
Wordpress Sonaar Music Plugin 4.7 - Stored XSS
Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Date: 2023-09-05 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...
WordPress MP3 Audio Player for Music, Radio
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar Plugin in versions prior to 2.4.2, which stems from a lack of data validation of...
CVE-2021-24624
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks...
Cross site scripting
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks...
CVE-2021-24624 MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks...
CVE-2021-24624
CVE-2021-24624 (WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar) affects the plugin before 2.4.2. The root cause is improper sanitization/escaping of data in Playlist settings, enabling high-privilege users to perform Cross-Site Scripting attacks. Proof-of-concept details exist in...
WordPress 跨站脚本漏洞
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar Plugin in versions prior to 2.4.2, which stems from a lack of data validation of...
MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting
The plugin does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks PoC 1 Add playlist with "Optional Call to Action"'s "Label" set to: " style="animation-name:twentytwentyone-close-button-transition"...
MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting
The plugin does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks 1 Add playlist with "Optional Call to Action"'s "Label" set to: " style="animation-name:twentytwentyone-close-button-transition"...
WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 2.4.1 - Multiple Cross-Site Scripting (XSS) vulnerabilities
Multiple Cross-Site Scripting XSS vulnerabilities discovered by apple502j in WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin versions = 2.4.1. Solution Update the WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin to the latest available version at least...