Lucene search
K

185 matches found

CNNVD
CNNVD
added 2024/01/08 12:0 a.m.4 views

WordPress Plugin HTML5 MP3 Player with Playlist Free Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin HTML5 MP3...

9.1CVSS6.9AI score0.00616EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/01/03 12:0 a.m.12 views

WordPress HTML5 MP3 Player with Playlist Free Plugin <= 3.0.0 is vulnerable to PHP Object Injection

Software HTML5 MP3 Player with Playlist Free Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-52207 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID 5809c2a2acac Credits Rafie Muhammad...

9.1CVSS6.8AI score0.00616EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/01/03 12:0 a.m.8 views

WordPress HTML5 MP3 Player with Folder Feedburner Plugin <= 2.8.0 is vulnerable to PHP Object Injection

Software HTML5 MP3 Player with Folder Feedburner Type Plugin Vulnerable versions = 2.8.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-52202 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID 379c769eaf42 Credits Rafie Muhammad...

9.1CVSS6.8AI score0.00618EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/03/06 2:15 p.m.19 views

CVE-2023-0069

The WPaudio MP3 Player WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00743EPSS
Exploits1References1
OSV
OSV
added 2023/03/06 2:15 p.m.2 views

CVE-2023-0069

The WPaudio MP3 Player WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00743EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/06 1:34 p.m.6 views

CVE-2023-0069 WPaudio MP3 Player <= 4.0.2 - Contributor+ Stored XSS

The WPaudio MP3 Player WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6AI score0.00743EPSS
Exploits1References1
CVE
CVE
added 2023/03/06 1:34 p.m.67 views

CVE-2023-0069

The CVE-2023-0069 entry concerns the WordPress plugin WPaudio MP3 Player up to version 4.0.2 . The issue is a stored cross-site scripting (XSS) vulnerability caused by not validating/escaping certain shortcode attributes before rendering them in posts/pages, enabling users with the contributor ro...

5.4CVSS5.3AI score0.00743EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/03/06 12:0 a.m.6 views

WordPress plugin WPaudio MP3 Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.5AI score0.00743EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2020/04/01 12:0 a.m.4 views

@4players/odin-bot-sdk (>=0.1.0 <=0.4.4), @bhznjns/node-mp3-player (>=1.0.0 <=1.3.3) +39 more potentially affected by CVE-2020-7615 via fsa (>=0.3.1 <=0.5.1)

fsa NPM version =0.3.1, =0.1.0, =1.0.0, =1.0.0, =0.0.5, =0.0.1, =1.0.0, =0.0.1, =0.0.2, =1.2.2, =0.1.0, =1.0.4, =0.1.0, =0.1.0, =1.0.0, =2.0.0 - chiasenhac-music-bot =1.0.0 and more Source cves: CVE-2020-7615 Source advisory: SNYK:JS-FSA-564118...

7.8CVSS7.1AI score0.01139EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2017/05/28 10:19 a.m.14 views

folkawards.ca XSS vulnerability

Vulnerable URL:...

6.2AI score
Exploits0
myhack58
myhack58
added 2017/03/01 12:0 a.m.40 views

Windows Exploit development tutorial series--stack injection a-vulnerability warning-the black bar safety net

! Foreword Welcome to the heap spray tutorial the first part. This Part I will introduce the IE under typical heap spray technique, the second part will introduce the precise injection and IE8 under UAF vulnerabilities. It is worth mentioning that, the stack injection is just a payload Delivery...

8AI score
Exploits0
CNVD
CNVD
added 2016/10/08 12:0 a.m.2 views

Joomla Shape 5 MP3 Player Local File Disclosure Vulnerability

Joomla Shape 5 MP3 Player is a plugin for playing music on top of Joomla. A local file disclosure vulnerability exists in Joomla Shape 5 MP3 Player version 2.0, which can be exploited by attackers via a specific URL, resulting in the disclosure of local file information...

6.5AI score
Exploits0References1
hackapp
hackapp
added 2016/04/01 9:38 a.m.9 views

MP3 Player Pro - Dynamic Code Loading, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player Pro published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:38 a.m.7 views

MP3 Player - Dangerous filesystem permissions, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:38 a.m.15 views

MP3 Player - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:37 a.m.12 views

Mp3 player - Dangerous filesystem permissions, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application Mp3 player published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:37 a.m.10 views

MP3 Player - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:37 a.m.13 views

Music - Mp3 Player - Dynamic Code Loading, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Music - Mp3 Player published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:15 a.m.8 views

MP3 Player - Music Player - Dynamic Code Loading, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player - Music Player published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:15 a.m.9 views

MP3 Player - Dynamic Code Loading, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application MP3 Player published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder