100 matches found
ZoomSounds Plugin - Unauthenticated Arbitrary File Upload
ZoomSounds plugin for WordPress contains a file upload vulnerability in savepng.php id: CVE-2021-4449 info: name: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload author: 0xnemian severity: critical description: | ZoomSounds plugin for WordPress contains a file upload vulnerability in...
WordPress DZS Zoomsounds <=6.50 - Local File Inclusion
WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter. id: CVE-2021-39316 info: name: WordPress DZS Zoomsounds =6.51 to fix t...
CVE-2025-47566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
EUVD-2025-206072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
CVE-2025-47566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
CVE-2025-47566 WordPress ZoomSounds plugin <= 6.91 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
CVE-2025-47566 WordPress ZoomSounds plugin <= 6.91 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
CVE-2025-47566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...
CVE-2025-47566
CVE-2025-47566 refers to a Cross‑Site Scripting vulnerability in the ZoomSounds WordPress plugin. The description and connected docs confirm it is a Reflected XSS caused by improper neutralization of input during web page generation, affecting ZoomSounds:
WordPress ZoomSounds plugin < 6.05 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by ganj in WordPress Plugin ZoomSounds versions 6.05...
PT-2025-54447
Name of the Vulnerable Software and Affected Versions ZoomSounds versions through 6.91 Description A flaw exists in ZoomSounds that allows for Reflected Cross-Site Scripting XSS. This issue occurs due to improper neutralization of input during web page generation. The vulnerability could...
WordPress ZoomSounds - WordPress Wave Audio Player with Playlist plugin <= 6.91 - Unauthenticated PHP Object Injection vulnerability
WordPress ZoomSounds - WordPress Wave Audio Player with Playlist plugin = 6.91 - Unauthenticated PHP Object Injection vulnerability discovered by Lucio Sá in WordPress Plugin ZoomSounds versions = 6.91...
VulnCheck KEV: CVE-2021-4449
The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may...
EUVD-2015-9311
Malware in sbrugna...
EUVD-2025-28096
Malicious code in bioql PyPI...
EUVD-2025-10351
Malicious code in bioql PyPI...
EUVD-2021-34682
Malicious code in bioql PyPI...
EUVD-2025-9912
Malicious code in bioql PyPI...
CVE-2021-4457
The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywhere on the web server...
WordPress Zoomsounds plugin file upload vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Zoomsounds plugin that originates from allowing unauthenticated users to upload arbitrary files to a web server. No details o...