Unrated severityNVD Advisory· Published Nov 1, 2021· Updated Aug 3, 2024
MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting
CVE-2021-24624
Description
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/MP3 Audio Player for Music, Radio & Podcast by Sonaardescription
- Range: <2.4.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d79d2f6a-257a-4c9e-b971-9837abd4211cmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.