Se Html5 Album Audio Player
by Se Html5 Album Audio Player Project
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13999 | Hig | 0.47 | 7.2 | 0.00 | Dec 19, 2025 | The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated… | ||
| CVE-2024-4398 | Med | 0.42 | 6.4 | 0.00 | May 14, 2024 | The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2.19 due to insufficient input sanitization and output escaping on user supplied… | ||
| CVE-2015-4414 | 0.05 | — | 0.19 | Jun 17, 2015 | Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. |
- risk 0.47cvss 7.2epss 0.00
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated…
- risk 0.42cvss 6.4epss 0.00
The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2.19 due to insufficient input sanitization and output escaping on user supplied…
- CVE-2015-4414Jun 17, 2015risk 0.05cvss —epss 0.19
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.