Lucene search
K

118 matches found

NVD
NVD
added 2026/04/08 9:16 a.m.6 views

CVE-2026-39647

Server-Side Request Forgery SSRF vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.11...

5.4CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.16 views

CVE-2026-39647

CVE-2026-39647 describes a Server-Side Request Forgery (SSRF) in the WordPress plugin “MP3 Audio Player for Music, Radio & Podcast by Sonaar”, affected through version 5.11. The connected records confirm the issue is SSRF and affect the plugin with versions up to 5.11. No remediation details are ...

5.4CVSS5.9AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

WordPress plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.4CVSS5.9AI score0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31211

Server-Side Request Forgery SSRF vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.11...

5.9AI score0.00168EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/19 9:26 a.m.4 views

CVE-2026-1219 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 4.0 - 5.10 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'loadtracknoteajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers...

5.3CVSS5.6AI score0.00245EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/19 12:18 a.m.9 views

WordPress MP3 Audio Player 4.0-5.10 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability

Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability discovered by kr0d in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions 4.0-5.10...

5.3CVSS5.5AI score0.00245EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.10 views

WordPress plugin MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

5.3CVSS5.8AI score0.00245EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.11 views

WordPress plugin MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5CVSS5.9AI score0.00183EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/13 11:51 p.m.5 views

WordPress MP3 Audio Player 5.3-5.10 - Authenticated (Author+) Server-Side Request Forgery vulnerability

Authenticated Author+ Server-Side Request Forgery vulnerability discovered by kr0d in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions 5.3-5.10...

5CVSS5.5AI score0.00183EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-3782

Malware in sbrugna...

9.3CVSS6.4AI score0.06039EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-4495

Malware in sbrugna...

7.5CVSS7.3AI score0.04769EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-0017

Malware in sbrugna...

9.3CVSS6.2AI score0.05663EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-3781

Malware in sbrugna...

4.3CVSS6.4AI score0.02284EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11536

Malware in sbrugna...

4.8CVSS5AI score0.00622EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-33408

Malicious code in bioql PyPI...

6.4CVSS8.6AI score0.00333EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28407

Malicious code in bioql PyPI...

7.6CVSS8.6AI score0.00482EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46838

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00329EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29239

Malicious code in bioql PyPI...

7.5CVSS8.8AI score0.00554EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.11 views

CVE-2024-30530

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.1...

6.5CVSS8.6AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:35 a.m.8 views

CVE-2024-13157

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References1
Rows per page
Query Builder