1210 matches found
WordPress HTML5 Audio Player plugin 2.4.0-2.5.1 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by kr0d in WordPress Plugin Html5 Audio Player versions 2.4.0-2.5.1...
CVE-2025-13999
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
CVE-2025-13999
CVE-2025-13999 is active: the WordPress plugin “HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player” is affected by a Server-Side Request Forgery (SSRF) in versions 2.4.0 through 2.5.1 via getIcyMetadata(). Attackers can make the application perform web requests to arbitrary loc...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
CVE-2025-13999 HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata function. This makes it possible for unauthenticated attackers to make web...
PT-2025-52419
Name of the Vulnerable Software and Affected Versions HTML5 Audio Player WordPress Plugin versions 2.4.0 through 2.5.1 Description The HTML5 Audio Player WordPress Plugin is susceptible to a Server-Side Request Forgery SSRF condition. This allows unauthenticated attackers to initiate web requests...
WordPress plugin HTML5 Audio Player 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
CVE-2025-60062
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mmetrodw tPlayer tplayer-html5-audio-player-with-playlist allows SQL Injection.This issue affects tPlayer: from n/a through = 1.2.1.6...
Malicious Package
Overview react-dnd-html5-backend-14 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2014-0212
Malware in sbrugna...
EUVD-2010-3021
Malware in sbrugna...
EUVD-2016-0807
Malware in sbrugna...
EUVD-2013-2797
Malware in sbrugna...
EUVD-2013-1747
Malware in sbrugna...
EUVD-2019-10597
Malware in sbrugna...
EUVD-2021-21306
Malware in sbrugna...
EUVD-2019-15551
Malware in sbrugna...
EUVD-2020-28140
Malware in sbrugna...
EUVD-2021-13780
Malware in sbrugna...
EUVD-2021-11907
Malware in sbrugna...