3 matches found
CVE-2024-5664
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaaraudioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...
CVE-2024-5664 MP3 Audio Player for Music, Radio & Podcast by Sonaar <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer Shortcode
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaaraudioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...
WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)
Software MP3 Audio Player for Music, Radio & Podcast by Sonaar Type Plugin Vulnerable versions = 5.5 Fixed in 5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5664 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 61d58242086...