CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8267

The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute within the 'wp:radio-player' Gutenberg block in all versions up to, and including, 2.0.78 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.9%

CVSS Severity

CVSS v3 Score 6.4

References

Products affected by CVE-2024-8267

Softlabbd » Radio Player » Version: N/A

cpe:2.3:a:softlabbd:radio_player:-
Softlabbd » Radio Player » Version: 1.0.0

cpe:2.3:a:softlabbd:radio_player:1.0.0
Softlabbd » Radio Player » Version: 1.0.1

cpe:2.3:a:softlabbd:radio_player:1.0.1
Softlabbd » Radio Player » Version: 1.0.2

cpe:2.3:a:softlabbd:radio_player:1.0.2
Softlabbd » Radio Player » Version: 1.0.3

cpe:2.3:a:softlabbd:radio_player:1.0.3
Softlabbd » Radio Player » Version: 1.0.4

cpe:2.3:a:softlabbd:radio_player:1.0.4
Softlabbd » Radio Player » Version: 1.0.5

cpe:2.3:a:softlabbd:radio_player:1.0.5
Softlabbd » Radio Player » Version: 1.0.6

cpe:2.3:a:softlabbd:radio_player:1.0.6
Softlabbd » Radio Player » Version: 1.0.7

cpe:2.3:a:softlabbd:radio_player:1.0.7
Softlabbd » Radio Player » Version: 1.0.8

cpe:2.3:a:softlabbd:radio_player:1.0.8
Softlabbd » Radio Player » Version: 1.0.9

cpe:2.3:a:softlabbd:radio_player:1.0.9
Softlabbd » Radio Player » Version: 1.1.0

cpe:2.3:a:softlabbd:radio_player:1.1.0
Softlabbd » Radio Player » Version: 1.1.1

cpe:2.3:a:softlabbd:radio_player:1.1.1
Softlabbd » Radio Player » Version: 1.1.2.

cpe:2.3:a:softlabbd:radio_player:1.1.2.
Softlabbd » Radio Player » Version: 2.0.0

cpe:2.3:a:softlabbd:radio_player:2.0.0
Softlabbd » Radio Player » Version: 2.0.1

cpe:2.3:a:softlabbd:radio_player:2.0.1
Softlabbd » Radio Player » Version: 2.0.2

cpe:2.3:a:softlabbd:radio_player:2.0.2
Softlabbd » Radio Player » Version: 2.0.3

cpe:2.3:a:softlabbd:radio_player:2.0.3
Softlabbd » Radio Player » Version: 2.0.4

cpe:2.3:a:softlabbd:radio_player:2.0.4
Softlabbd » Radio Player » Version: 2.0.5

cpe:2.3:a:softlabbd:radio_player:2.0.5
Softlabbd » Radio Player » Version: 2.0.6

cpe:2.3:a:softlabbd:radio_player:2.0.6
Softlabbd » Radio Player » Version: 2.0.7

cpe:2.3:a:softlabbd:radio_player:2.0.7
Softlabbd » Radio Player » Version: 2.0.71

cpe:2.3:a:softlabbd:radio_player:2.0.71
Softlabbd » Radio Player » Version: 2.0.72

cpe:2.3:a:softlabbd:radio_player:2.0.72
Softlabbd » Radio Player » Version: 2.0.73

cpe:2.3:a:softlabbd:radio_player:2.0.73
Softlabbd » Radio Player » Version: 2.0.74

cpe:2.3:a:softlabbd:radio_player:2.0.74
Softlabbd » Radio Player » Version: 2.0.75

cpe:2.3:a:softlabbd:radio_player:2.0.75
Softlabbd » Radio Player » Version: 2.0.76

cpe:2.3:a:softlabbd:radio_player:2.0.76
Softlabbd » Radio Player » Version: 2.0.77

cpe:2.3:a:softlabbd:radio_player:2.0.77
Softlabbd » Radio Player » Version: 2.0.78

cpe:2.3:a:softlabbd:radio_player:2.0.78

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8267

Products

Pricing

Contact Us