Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Vulnerability List
Found 58 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-13776 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings Manipulation ZoomItZoomSounds - WordPress Wave Audio Player with Playlist High 8.1 2025-04-05 05:32:12 Deep Dive
CVE-2025-32235 WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability sonaarMP3 Audio Player for Music, Radio & Podcast by Sonaar Medium 4.3 2025-04-04 15:59:21 Deep Dive
CVE-2024-13777 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated PHP Object Injection ZoomItZoomSounds - WordPress Wave Audio Player with Playlist High 8.1 2025-03-05 09:21:45 Deep Dive
CVE-2025-23561 WordPress MLL Audio Player MP3 Ajax plugin <= 0.7 - Cross Site Scripting (XSS) vulnerability robertkayMLL Audio Player MP3 Ajax Medium 6.5 2025-02-03 14:22:42 Deep Dive
CVE-2024-13157 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Podcast RSS Feed sonaarMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar Medium 6.4 2025-01-31 08:21:25 Deep Dive
CVE-2024-56279 WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability mra13Compact WP Audio Player Medium 6.4 2025-01-07 10:49:23 Deep Dive
CVE-2024-56266 WordPress MP3 Audio Player plugin <= 5.8 - Broken Access Control vulnerability sonaarMP3 Audio Player for Music, Radio & Podcast by Sonaar Medium 6.3 2025-01-02 12:01:31 Deep Dive
CVE-2024-56203 WordPress Wayne Audio Player plugin <= 1.0 - CSRF to Privilege Escalation vulnerability gholme4Wayne Audio Player High 8.8 2024-12-31 13:21:19 Deep Dive
CVE-2023-47822 WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10 - Broken Access Control vulnerability Sonaar MusicMP3 Audio Player for Music, Radio & Podcast by Sonaar Medium 5.4 2024-12-09 11:30:42 Deep Dive
CVE-2024-10268 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer Shortcode sonaarMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar Medium 6.4 2024-11-19 07:35:26 Deep Dive
CVE-2024-52348 WordPress AA Audio Player plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability AA ExtensionsAA Audio Player Medium 6.5 2024-11-18 21:41:34 Deep Dive
CVE-2024-10582 Music Player for Elementor – Audio Player & Podcast Player <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Template Import smartwpressMusic Player for Elementor – Audio Player & Podcast Player Medium 4.3 2024-11-15 05:30:55 Deep Dive
CVE-2024-51573 WordPress ML Responsive Audio plugin <= 0.2 - Stored Cross Site Scripting (XSS) vulnerability ersatzpoleML Responsive Audio player with playlist Shortcode Medium 6.5 2024-11-11 05:47:17 Deep Dive
CVE-2024-10176 Compact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player Shortcode mra13Compact WP Audio Player Medium 6.4 2024-10-24 11:03:17 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2021-4449 ZoomSounds <= 5.96 - Unauthenticated Arbitrary File Upload ZoomItZoomSounds - WordPress Wave Audio Player with Playlist Critical 9.8 2024-10-16 06:43:25 Deep Dive
CVE-2024-8267 Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute princeahmedRadio Player – Live Shoutcast, Icecast and Any Audio Stream Player Medium 6.4 2024-09-24 06:40:55 Deep Dive
CVE-2024-7856 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion sonaarMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar High 8.1 2024-08-29 03:52:57 Deep Dive
CVE-2023-4025 Radio Player <= 2.0.73 - Missing Authorization to Player Update princeahmedRadio Player – Live Shoutcast, Icecast and Any Audio Stream Player Medium 5.3 2024-08-17 07:34:24 Deep Dive
CVE-2023-4024 Radio Player <= 2.0.73 - Missing Authorization to Player Deletion princeahmedRadio Player – Live Shoutcast, Icecast and Any Audio Stream Player Medium 5.3 2024-08-17 07:34:21 Deep Dive