VYPR

Music Sheet Viewer

by Music Sheet Viewer

CVEs (3)

  • CVE-2025-25155HigFeb 7, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through <= 4.1.

  • CVE-2024-13671HigJan 30, 2025
    risk 0.49cvss 7.5epss 0.01

    The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the read_score_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can…

  • CVE-2024-13670Jan 30, 2025
    risk 0.00cvss epss 0.00

    The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pn_msv' shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible…