Html5 Audio Player

html5_audio_player

Vendor: Bplugins • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-37445 1Bplugins 1Html5 Audio Player Nov 21, 2024 Jul 22, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23.
CVE-2023-0170 1Bplugins 1Html5 Audio Player Mar 25, 2025 Feb 6, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Html5 Audio Player WordPress plugin before 2.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with th...Show more The Html5 Audio Player WordPress plugin before 2.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less
CVE-2021-24412 1Bplugins 1Html5 Audio Player Nov 21, 2024 Oct 18, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payloa...Show more The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcodeShow less