CVE-2025-47472 WordPress Music Player for WooCommerce <= 1.5.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in codepeople Music Player for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Music Player for WooCommerce: from n/a through 1.5.1...

CVE-2025-47472 WordPress Music Player for WooCommerce plugin <= 1.5.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in codepeople Music Player for WooCommerce music-player-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Music Player for WooCommerce: from n/a through = 1.5.1...

CVE-2025-30591 WordPress Music Press Pro plugin <= 1.4.6 Broken Access Control Vulnerability

Missing Authorization vulnerability in tuyennv Music Press Pro music-press-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Music Press Pro: from n/a through = 1.4.6...

WordPress Music Press Pro plugin <=1.4.6 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Music Press Pro versions = 1.4.6...

WordPress WP Music Player Plugin <= 1.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Music Player versions = 1.3...

WordPress plugin WP Music Player SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress Music Store – WordPress eCommerce Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Music Store versions = 1.1.19...

WordPress Music Player for Elementor plugin <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Template Import vulnerability

Missing Authorization to Authenticated Subscriber+ Template Import vulnerability discovered by WordFence in WordPress Plugin Music Player for Elementor – Audio Player & Podcast Player versions = 2.4.1...

WordPress Music Request Manager Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Music Request Manager Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6017 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 6d9fb2505e28 Credits Bob Matyas Require...

WordPress Music Request Manager Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Music Request Manager Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6018 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 864294ddb006 Credits Bob Matyas...

WordPress Music Request Manager Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Music Request Manager Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6019 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 635b9b6901ac Credits Bob Matyas...

WordPress Music Store Plugin <= 1.1.13 is vulnerable to SQL Injection

Software Music Store Type Plugin Vulnerable versions = 1.1.13 Fixed in 1.1.14 OWASP Top 10 A3: Injection Classification SQL Injection CVE N/A Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 3ee22c619ee0 Credits Noriko Totsuka JPCERT/CC Required privilege Unauthenticated...

WordPress Music Store plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language.Music Store is one of the plugins used to add a music store to WordPress. A cross-site scripting vulnerability exists in version 1.0.41 of the WordPress Music Store plugin. An attacker can...