Vulnerabilities in sonaar
10 resultsCVE-2024-7856HIGHMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File DeletionEPSS 18.8%CVE-2024-13157MEDIUMMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Podcast RSS FeedEPSS 0.4%CVE-2024-10268MEDIUMMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer ShortcodeEPSS 0.3%CVE-2024-5664MEDIUMMP3 Audio Player for Music, Radio & Podcast by Sonaar <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer ShortcodeEPSS 0.3%CVE-2025-32235MEDIUMWordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56266MEDIUMWordPress MP3 Audio Player plugin <= 5.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1219MEDIUMMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 4.0 - 5.10 - Unauthenticated Insecure Direct Object Reference to Sensitive Information ExposureEPSS 0.2%CVE-2023-54351MEDIUMWordPress Sonaar Music Plugin 4.7 Stored XSS via CommentsEPSS 0.2%CVE-2026-1249MEDIUMMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 5.3 - 5.10 - Authenticated (Author+) Server-Side Request ForgeryEPSS 0.2%CVE-2026-39647MEDIUMWordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.11 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%