CVE-2023-4025

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateplayer function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances...

CVE-2023-4027

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesettings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings...

EUVD-2024-26805

Malicious code in bioql PyPI...

EUVD-2024-35023

Malicious code in bioql PyPI...

EUVD-2024-27850

Malicious code in bioql PyPI...

EUVD-2024-31329

Malicious code in bioql PyPI...

EUVD-2024-30308

Malicious code in bioql PyPI...

CVE-2024-29811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73...

CVE-2024-34753

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

CVE-2024-34753

CVE-2024-34753 corresponds to a Missing Authorization (Broken Access Control) vulnerability affecting WordPress Radio Player (SoftLab Radio Player). Connected sources identify the affected package as Radio Player for WordPress, with versions listed as n/a through 2.0.73. The root cause is an auth...

WordPress Radio Player plugin <= 2.0.73 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.73...

PT-2024-24623 · Unknown · Softlab Radio Player

Name of the Vulnerable Software and Affected Versions: SoftLab Radio Player versions through 2.0.73 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have acce...

WordPress Radio Player plugin <= 2.0.73 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.73...

CVE-2024-29811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73...

PT-2023-27345 · WordPress · Radio Player

Name of the Vulnerable Software and Affected Versions: Radio Player plugin for WordPress versions up to, and including, 2.0.73 Description: The issue is related to a missing capability check on the delete player function, allowing unauthenticated attackers to modify data by deleting player...