Filtered by vendor Bplugins
Subscriptions
Filtered by product Html5 Audio Player
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24412 | 1 Bplugins | 1 Html5 Audio Player | 2024-08-03 | 5.4 Medium |
| The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | ||||
| CVE-2023-0170 | 1 Bplugins | 1 Html5 Audio Player | 2024-08-02 | 5.4 Medium |
| The Html5 Audio Player WordPress plugin before 2.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | ||||
| CVE-2024-37445 | 1 Bplugins | 1 Html5 Audio Player | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23. | ||||
Page 1 of 1.