VYPR

Audioigniter

by WordPress

CVEs (1)

  • CVE-2026-8679HigMay 22, 2026
    risk 0.44cvss 7.5epss 0.02

    The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playlist ID via the…