Lucene search
+L

5 matches found

Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2025-59563 WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Sonaar = 4.27.4 versions...

8.8CVSS0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2025-59560 WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Sonaar = 4.27.4 versions...

7.1CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 1:55 a.m.11 views

CVE-2023-54351 WordPress Sonaar Music Plugin 4.7 Stored XSS via Comments

WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the comment functionality. Attackers can submit JavaScript payloads in the comment parameter to wp-comments-post.php which are stored an...

7.2CVSS5.2AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 1:55 a.m.25 views

CVE-2023-54351

CVE-2023-54351 : WordPress Sonaar Music Plugin 4.7 has a stored XSS vulnerability in the comment functionality. Unauthenticated attackers can submit JavaScript payloads via the comment parameter to wp-comments-post.php, which are stored and later executed in the browsers of users viewing the affe...

7.2CVSS5.2AI score0.00184EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/10/06 11:54 a.m.4 views

WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Sonaar versions = 4.27.4...

6.1AI score0.0023EPSS
Exploits0Affected Software1
Rows per page
Query Builder