VYPR

Se Html5 Album Audio Player

by Se Html5 Album Audio Player Project

CVEs (3)

  • CVE-2025-13999HigDec 19, 2025
    risk 0.47cvss 7.2epss 0.00

    The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated…

  • CVE-2024-4398MedMay 14, 2024
    risk 0.42cvss 6.4epss 0.00

    The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2.19 due to insufficient input sanitization and output escaping on user supplied…

  • CVE-2015-4414Jun 17, 2015
    risk 0.05cvss epss 0.19

    Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.