CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Vulnrichment•added 2025/09/05 4:15 p.m.•1 views

CVE-2025-48104 WordPress Floating Window Music Player plugin <= 3.4.2 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in ericzane Floating Window Music Player allows Stored XSS. This issue affects Floating Window Music Player: from n/a through 3.4.2...

7.1CVSS6.1AI score0.00025EPSS

Exploits0References1

Positive Technologies•added 2025/09/05 12:0 a.m.•3 views

PT-2025-36244

Name of the Vulnerable Software and Affected Versions: Floating Window Music Player versions through 3.4.2 Description: A Cross-Site Request Forgery CSRF vulnerability exists in ericzane Floating Window Music Player, which also allows Stored Cross-Site Scripting XSS. Recommendations: Update...

7.1CVSS5.5AI score0.00025EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by