PT-2024-16147 · Sonaar · Mp3 Audio Player – Music Player

Name of the Vulnerable Software and Affected Versions: The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress versions up to, and including, 5.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's sonaar audioplayer shortcode due t...

WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via sonaaraudioplayer Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions = 5.8...

CVE-2024-5664

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaaraudioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...