81 matches found
WordPress HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin <= 2.2.27 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Html5 Audio Player versions = 2.2.27...
CVE-2025-13999
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
WordPress HTML5 Audio Player plugin 2.4.0-2.5.1 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by kr0d in WordPress Plugin Html5 Audio Player versions 2.4.0-2.5.1...
CVE-2025-13999
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
CVE-2025-13999
CVE-2025-13999 is active: the WordPress plugin “HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player” is affected by a Server-Side Request Forgery (SSRF) in versions 2.4.0 through 2.5.1 via getIcyMetadata(). Attackers can make the application perform web requests to arbitrary loc...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
WordPress plugin HTML5 Audio Player 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
PT-2025-52419
Name of the Vulnerable Software and Affected Versions HTML5 Audio Player WordPress Plugin versions 2.4.0 through 2.5.1 Description The HTML5 Audio Player WordPress Plugin is susceptible to a Server-Side Request Forgery SSRF condition. This allows unauthenticated attackers to initiate web requests...
CVE-2025-60062
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mmetrodw tPlayer tplayer-html5-audio-player-with-playlist allows SQL Injection.This issue affects tPlayer: from n/a through = 1.2.1.6...
EUVD-2021-11324
Malware in sbrugna...
EUVD-2013-2797
Malware in sbrugna...
EUVD-2016-0807
Malware in sbrugna...
EUVD-2024-44029
Malicious code in bioql PyPI...
EUVD-2023-12259
Malicious code in bioql PyPI...
EUVD-2025-15487
Malicious code in bioql PyPI...
EUVD-2025-11332
Malicious code in bioql PyPI...
EUVD-2024-36670
Malicious code in bioql PyPI...
EUVD-2024-22460
Malicious code in bioql PyPI...
CVE-2025-48168
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...