3 matches found
CVE-2024-8267
The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input...
CVE-2024-8267 Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute
The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input...
WordPress Radio Player Plugin <= 2.0.78 is vulnerable to Cross Site Scripting (XSS)
Software Radio Player Type Plugin Vulnerable versions = 2.0.78 Fixed in 2.0.79 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8267 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f107fca0ad28 Credits Francesco Carlucci Requir...