CVE-2024-8267

The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input...

WordPress plugin Radio Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Radio Player plugin <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via align Attribute vulnerability discovered by Francesco Carlucci in WordPress Plugin Radio Player versions = 2.0.78...

WordPress Radio Player Plugin <= 2.0.78 is vulnerable to Cross Site Scripting (XSS)

Software Radio Player Type Plugin Vulnerable versions = 2.0.78 Fixed in 2.0.79 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8267 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f107fca0ad28 Credits Francesco Carlucci Requir...