Browse all 3 CVE security advisories affecting smartwpress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5340 | Music Player for Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via album_buy_url Parameter — Music Player for Elementor – Audio Player & Podcast PlayerCWE-79 | 6.4 | Medium | 2025-06-03 |
| CVE-2025-32190 | WordPress Musician's Pack For Elementor plugin <= 1.8.7 - Cross Site Scripting (XSS) vulnerability — Musician's Pack For ElementorCWE-79 | 6.5 | Medium | 2025-04-04 |
| CVE-2024-10582 | Music Player for Elementor – Audio Player & Podcast Player <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Template Import — Music Player for Elementor – Audio Player & Podcast PlayerCWE-862 | 4.3 | Medium | 2024-11-15 |
This page lists every published CVE security advisory associated with smartwpress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.