Version 0

CVE-2023-4025

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances.

MEDIUM CVSS 5.3 Published Aug 17, 2024

CVE-2023-4024

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to delete player instances.

MEDIUM CVSS 5.3 Published Aug 17, 2024

CVE-2023-4027

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings.

MEDIUM CVSS 5.3 Published Aug 17, 2024

CVE-2024-34753

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.

MEDIUM CVSS 5.3 Published Jun 11, 2024

CVE-2024-2906

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.

MEDIUM CVSS 6.5 Published Mar 26, 2024