Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:35 a.m.8 views

CVE-2024-13157

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References1
Circl
Circl
added 2025/01/31 9:15 a.m.5 views

CVE-2024-13157

creationtimestamp| type| source ---|---|--- 2025-01-31 09:15:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgznysr65x2h...

6.4CVSS6.9AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/01/31 9:15 a.m.7 views

CVE-2024-13157

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.0041EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/31 8:21 a.m.14 views

CVE-2024-13157 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Podcast RSS Feed

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.0041EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/31 8:21 a.m.5 views

CVE-2024-13157 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Podcast RSS Feed

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References4
CVE
CVE
added 2025/01/31 8:21 a.m.53 views

CVE-2024-13157

The CVE CVE-2024-13157 affects the WordPress plugin “MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar”. It describes a Stored Cross-Site Scripting (XSS) via the Podcast RSS Feed in all versions up to and including 5.9.3. The vulnerability arises from insufficient input sanitizati...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References4
Rows per page
Query Builder