Unrated severityNVD Advisory· Published Aug 17, 2024· Updated Apr 8, 2026
Radio Player <= 2.0.73 - Missing Authorization to Player Update
CVE-2023-4025
Description
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=2.0.73
- princeahmed/Radio Player – Live Shoutcast, Icecast and Any Audio Stream Playerv5Range: 0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.