Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2015-1016

Malware in sbrugna...

5.3CVSS5.5AI score0.0574EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2022-39087

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00152EPSS
Exploits1References2
CNVD
CNVDadded 2022/09/05 12:0 a.m.14 views

WordPress plugin MP3 jPlayer cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

8.8CVSS3AI score0.00152EPSS
Exploits1References1
OSV
OSVadded 2022/09/01 5:15 p.m.0 views

CVE-2022-36373

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

8.8CVSS5.8AI score
Exploits0References2
Cvelist
Cvelistadded 2022/09/01 4:49 p.m.14 views

CVE-2022-36373 WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

5.4CVSS9.2AI score0.00152EPSS
Exploits1References2
CVE
CVEadded 2022/09/01 4:49 p.m.57 views

CVE-2022-36373

CVE-2022-36373 concerns the WordPress MP3 jPlayer plugin (versions &lt;= 2.7.3). The NVD entry reports multiple CSRF vulnerabilities with a base CVSS v3.1 score of 8.8 (HIGH) and an attack vector of NETWORK, requiring user interaction and no privileges. Connected sources consistently describe CSR...

8.8CVSS7.4AI score0.00152EPSS
Exploits1References2Affected Software1
Patchstack
Patchstackadded 2022/09/01 12:0 a.m.24 views

WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rasi Afeef Patchstack Alliance in the WordPress MP3-jPlayer plugin versions = 2.7.3. Solution Deactivate and delete. No reply from the vendor...

8.8CVSS4AI score0.00152EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/09/01 12:0 a.m.2 views

PT-2022-23334

Name of the Vulnerable Software and Affected Versions: Simon Ward MP3 jPlayer plugin versions = 2.7.3 Description: The issue concerns multiple Cross-Site Request Forgery CSRF vulnerabilities. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web...

8.8CVSS8.7AI score0.00152EPSS
Exploits1References7
WPVulnDB
WPVulnDBadded 2022/09/01 12:0 a.m.25 views

MP3 jPlayer <= 2.7.3 - Multiple CSRF

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...

8.8CVSS4.7AI score0.00152EPSS
Exploits1Affected Software1
CNNVD
CNNVDadded 2022/09/01 12:0 a.m.1 views

WordPress plugin MP3 jPlayer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

8.8CVSS6.5AI score0.00152EPSS
Exploits1References3
CNVD
CNVDadded 2016/10/20 12:0 a.m.4 views

Wordpress MP3-jPlayer Plugin Information Disclosure Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. MP3-jPlayer is one of the multimedia playback plug-ins. An information disclosure vulnerability exists in Wordpress MP3-jPlayer plugin version v2.3.2, which can be exploited by an attacker ...

5.3CVSS6.2AI score0.0574EPSS
Exploits1References1
NVD
NVDadded 2016/10/06 2:59 p.m.12 views

CVE-2015-1000008

Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2...

5.3CVSS5.3AI score0.0574EPSS
Exploits1References1
Prion
Prionadded 2016/10/06 2:59 p.m.10 views

Path traversal

Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2...

5CVSS7.1AI score0.0574EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2016/10/06 2:0 p.m.41 views

CVE-2015-1000008

The CVE-2015-1000008 entry concerns the WordPress MP3-jPlayer plugin (v2.3.2) and a path disclosure flaw. Connected records (CNVD/NVD/W PVulnDB) confirm an information disclosure vulnerability in this plugin, with PoC content showing download.php leaking server paths. The WpVulnDB entry notes “Fu...

5.3CVSS5.2AI score0.0574EPSS
Exploits1References1Affected Software1
0day.today
0day.todayadded 2015/08/10 12:0 a.m.48 views

WordPress MP3-jPlayer 2.3.2 Path Disclosure Vulnerability

WordPress MP3-jPlayer plugin version 2.3.2 suffers from a path disclosure vulnerability. Title: Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-12 Download Site: https://wordpress.org/plugins/mp3-jplayer/ Vendor:...

6.9AI score
Exploits0
Patchstack
Patchstackadded 2015/08/06 12:0 a.m.6 views

WordPress MP3 jPlayer Plugin <= 2.3.3 - Full Path Disclosure

Because of this vulnerability, attackers can disclose path information on wordpress sites. Solution Update the plugin...

2.8AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDBadded 2015/08/06 12:0 a.m.16 views

MP3-jPlayer <= 2.4.2 - Full Path Disclosure

The download.php code allows arbitrary users to disclose path information on WordPress sites with this plugin installed. 120 $info = " 121 Get: " . $mp3 . " 122 Sent: " . $sent . " 123 File: " . $file . " 124 Open: " . $SERVER'DOCUMENTROOT' . $fp . " 125 Root: " . $rooturl . " 126 pID: "...

5CVSS1.2AI score0.0574EPSS
Exploits1References1Affected Software1
wpexploit
wpexploitadded 2015/08/06 12:0 a.m.17 views

MP3-jPlayer <= 2.4.2 - Full Path Disclosure

The download.php code allows arbitrary users to disclose path information on WordPress sites with this plugin installed. 120 $info = " 121 Get: " . $mp3 . " 122 Sent: " . $sent . " 123 File: " . $file . " 124 Open: " . $SERVER'DOCUMENTROOT' . $fp . " 125 Root: " . $rooturl . " 126 pID: "...

5CVSS1.4AI score0.0574EPSS
Exploits1References1
Packet Storm
Packet Stormadded 2015/08/06 12:0 a.m.31 views

WordPress MP3-jPlayer 2.3.2 Path Disclosure

Title: Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-12 Download Site: https://wordpress.org/plugins/mp3-jplayer/ Vendor: https://profiles.wordpress.org/simonward-1/ Vendor Notified: 2015-08-06 Vendor Contact: Description:...

7.4AI score
Exploits0
Patchstack
Patchstackadded 2015/08/06 12:0 a.m.6 views

WordPress MP3 jPlayer Plugin <= 2.3.3 - Full Path Disclosure

Because of this vulnerability, attackers can disclose path information on wordpress sites. Solution Update the plugin...

2.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder