VYPR

Mp3 Sticky Player

by WordPress

CVEs (1)

  • CVE-2024-10803HigNov 23, 2024
    risk 0.49cvss 7.5epss 0.01

    The MP3 Sticky Player plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can…