Lbg Audio5 Html5 Shoutcast Sticky

CVEs (3)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2025-31926	Hig	0.55	8.5	May 16, 2025	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through <= 3.4.
CVE-2025-48168	Hig	0.46	7.1	Aug 20, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through <= 3.4.
CVE-2025-31426	Hig	0.46	7.1	Jun 9, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows Reflected XSS.This issue affects Sticky Radio Player: from n/a through <= 3.4.

CVE-2025-31926HigMay 16, 2025
risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through <= 3.4.
CVE-2025-48168HigAug 20, 2025
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through <= 3.4.
CVE-2025-31426HigJun 9, 2025
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows Reflected XSS.This issue affects Sticky Radio Player: from n/a through <= 3.4.