4 matches found
WordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin WS Audio Player versions = 1.1.8...
CVE-2025-31400
Cross-Site Request Forgery CSRF vulnerability in icyleaf WS Audio Player ws-audio-player allows Stored XSS.This issue affects WS Audio Player: from n/a through = 1.1.8...
CVE-2025-31400
CVE-2025-31400 describes a CSRF leading to Stored XSS in the WS Audio Player (ICYLEAF WS Audio Player). Affected versions: WS Audio Player up to 1.1.8. The CVE entry, referenced by Patchstack and Wordfence, lists a CVSSv3.1 base score of 7.1 (HIGH) with network attack vector, low attack complexit...
CVE-2025-31400 WordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in icyleaf WS Audio Player ws-audio-player allows Stored XSS.This issue affects WS Audio Player: from n/a through = 1.1.8...