Sonaar

Mp3 Audio Player For Music, Radio & Podcast

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-56266

  • EPSS 0.23%
  • Veröffentlicht 02.01.2025 12:15:28
  • Zuletzt bearbeitet 22.01.2025 17:48:32

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n...

8.8

CVE-2023-47822

  • EPSS 0.27%
  • Veröffentlicht 09.12.2024 13:15:31
  • Zuletzt bearbeitet 22.01.2025 18:21:20

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar...

5.4

CVE-2024-10268

  • EPSS 0.27%
  • Veröffentlicht 19.11.2024 08:15:15
  • Zuletzt bearbeitet 17.01.2025 14:57:54

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sonaar_audioplayer shortcode in all versions up to, and including, 5.8 due to insufficient input ...

8.1

CVE-2024-7856

  • EPSS 76.95%
  • Veröffentlicht 29.08.2024 11:15:29
  • Zuletzt bearbeitet 13.09.2024 18:14:47

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on t...

5.4

CVE-2024-5664

  • EPSS 0.35%
  • Veröffentlicht 10.07.2024 08:15:11
  • Zuletzt bearbeitet 21.11.2024 09:48:07

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer shortcode in all versions up to, and including, 5.5 ...

7.5

CVE-2024-31343

  • EPSS 1.15%
  • Veröffentlicht 10.04.2024 17:15:55
  • Zuletzt bearbeitet 17.01.2025 19:32:04

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10.1.

5.4

CVE-2024-30530

  • EPSS 0.08%
  • Veröffentlicht 31.03.2024 20:15:08
  • Zuletzt bearbeitet 31.01.2025 19:59:22

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue affects MP3 Audio Player for Music, Radio & Podcast ...

7.6

CVE-2024-30487

  • EPSS 0.22%
  • Veröffentlicht 29.03.2024 14:15:10
  • Zuletzt bearbeitet 31.01.2025 19:41:37

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.1.

4.8

CVE-2021-24624

Exploit
  • EPSS 0.23%
  • Veröffentlicht 01.11.2021 09:15:08
  • Zuletzt bearbeitet 21.11.2024 05:53:26

The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks