WordPress Music Sheet Viewer plugin <= 4.1 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Peter Thaleikis in WordPress Plugin Music Sheet Viewer versions = 4.1...

EUVD-2025-4064

Malicious code in bioql PyPI...

CVE-2024-13670

The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pnmsv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-25155

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through = 4.1...

CVE-2025-25155

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through = 4.1...

CVE-2025-25155 WordPress Music Sheet Viewer plugin <= 4.1 - Arbitrary File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through = 4.1...

CVE-2025-25155

CVE-2025-25155 concerns the WordPress plugin Music Sheet Viewer, version 4.1 and earlier. The issue is a path traversal vulnerability caused by improper restriction of pathnames, enabling arbitrary file read from the server. Affected product: WordPress Music Sheet Viewer plugin ≤ 4.1. The CVE and...

CVE-2025-25155 WordPress Music Sheet Viewer plugin <= 4.1 - Arbitrary File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through = 4.1...

WordPress plugin Music Sheet Viewer 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

CVE-2024-13671

The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the readscorefile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

WordPress Music Sheet Viewer plugin <= 4.1 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by Abdi Pranata in WordPress Plugin Music Sheet Viewer versions = 4.1...

WordPress Music Sheet Viewer plugin <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Music Sheet Viewer versions = 4.1...

CVE-2024-13671

The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the readscorefile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

CVE-2024-13671

The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the readscorefile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

CVE-2024-13670

The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pnmsv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13670

The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pnmsv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13670 Music Sheet Viewer <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pnmsv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13670 Music Sheet Viewer <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pnmsv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13670

CVE-2024-13670 covers a stored XSS in the WordPress Music Sheet Viewer plugin (pn_msv shortcode) across versions up to 4.1 due to insufficient input sanitization and output escaping on user-supplied attributes. It is exploitable by authenticated attackers with contributor+ privileges to inject sc...

CVE-2024-13671 Music Sheet Viewer <= 4.1 - Unauthenticated Arbitrary File Read

The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the readscorefile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...