CVE-2021-24735
Compact WP Audio Player < 1.9.7 - Setting Change via CSRF
The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to make a logged in admin change the "Disable Simultaneous Play" setting via a CSRF attack.
Affected products
Unknown · Compact WP Audio PlayerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →