All 2 CVE vulnerabilities found in Music Player for Elementor – Audio Player & Podcast Player, with AI-generated Chinese analysis, references, and POCs.
Vendor: smartwpress
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5340 | Music Player for Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via album_buy_url Parameter CWE-79 | 6.4 | Medium | 2025-06-03 |
| CVE-2024-10582 | Music Player for Elementor – Audio Player & Podcast Player <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Template Import CWE-862 | 4.3 | Medium | 2024-11-15 |
All 2 known CVE vulnerabilities affecting Music Player for Elementor – Audio Player & Podcast Player with full Chinese analysis, references, and POCs where available.