Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
311027.6%CRITICAL

Related CVEs

11
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-8267The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.MEDIUM5.423.8%Sep 25, 2024
CVE-2023-4027The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings.MEDIUM5.332.8%Aug 17, 2024
CVE-2023-4025The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances.MEDIUM5.332.8%Aug 17, 2024
CVE-2023-4024The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to delete player instances.MEDIUM5.332.8%Aug 17, 2024
CVE-2023-52177Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3.MEDIUM6.321.5%Jun 12, 2024
CVE-2024-34753Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.MEDIUM5.325.7%Jun 11, 2024
CVE-2024-35661Missing Authorization vulnerability in SoftLab Upload Fields for WPForms.This issue affects Upload Fields for WPForms: from n/a through 1.0.2.CRITICAL9.828.4%Jun 9, 2024
CVE-2024-35670Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.CRITICAL9.832.7%Jun 4, 2024
CVE-2024-29811Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73.MEDIUM5.425.5%Mar 27, 2024
CVE-2023-49769Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.HIGH8.817.1%Dec 17, 2023
CVE-2023-47548URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.MEDIUM6.130.9%Dec 7, 2023