CVE-2024-8267
- EPSS 0.34%
- Veröffentlicht 25.09.2024 01:15:45
- Zuletzt bearbeitet 26.08.2025 20:15:34
The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and i...
CVE-2023-4024
- EPSS 0.23%
- Veröffentlicht 17.08.2024 08:15:05
- Zuletzt bearbeitet 28.08.2024 18:32:02
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to...
CVE-2023-4025
- EPSS 0.36%
- Veröffentlicht 17.08.2024 08:15:05
- Zuletzt bearbeitet 28.08.2024 18:30:15
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to...
CVE-2023-4027
- EPSS 0.37%
- Veröffentlicht 17.08.2024 08:15:05
- Zuletzt bearbeitet 12.09.2024 17:53:23
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers ...
CVE-2024-34753
- EPSS 0.11%
- Veröffentlicht 11.06.2024 16:15:27
- Zuletzt bearbeitet 21.11.2024 09:19:19
Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2024-29811
- EPSS 0.18%
- Veröffentlicht 27.03.2024 13:15:53
- Zuletzt bearbeitet 13.05.2025 16:02:33
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73.