Lucene search
K

10 matches found

NVD
NVD
added 2026/04/08 9:16 a.m.6 views

CVE-2026-39647

Server-Side Request Forgery SSRF vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.11...

5.4CVSS0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.9 views

PT-2026-31211

Server-Side Request Forgery SSRF vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.11...

5.9AI score0.00168EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.13 views

CVE-2024-30530

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.1...

6.5CVSS8.6AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/06 4:56 p.m.16 views

CVE-2025-32235

Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.9.4...

4.3CVSS7.2AI score0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/04 3:59 p.m.8 views

CVE-2025-32235 WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.9.4...

4.3CVSS7.2AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2025/04/04 3:59 p.m.59 views

CVE-2025-32235

No public technical details about CVE-2025-32235 are provided in the connected documents. The initial description notes a Missing Authorization issue in the Sonaar MP3 Audio Player plugin (versions up to 5.9.4), but there are no concrete technical details (vulnerable component, exploit method, ro...

4.3CVSS7.2AI score0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:30 a.m.11 views

CVE-2023-47822 WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10...

5.4CVSS6.9AI score0.0042EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 8:15 a.m.12 views

CVE-2024-10268

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sonaaraudioplayer shortcode in all versions up to, and including, 5.8 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS0.00333EPSS
Exploits0References3
NVD
NVD
added 2024/08/29 11:15 a.m.33 views

CVE-2024-7856

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles function and insufficient path validation on the 'file' parameter in all versions up to, and...

8.1CVSS0.19326EPSS
Exploits1References4
NVD
NVD
added 2024/07/10 8:15 a.m.19 views

CVE-2024-5664

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaaraudioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...

6.4CVSS0.00329EPSS
Exploits0References4
Rows per page
Query Builder