Lucene search
PatchstackVULNRICHMENT:CVE-2024-31343HistoryApr 10, 2024 - 4:12 p.m.
CVE-2024-31343 WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10.1 - Arbitrary File Download vulnerability
2024-04-1016:12:14
CWE-862
Patchstack
github.com
1
cve-2024-31343
wordpress
sonaar
arbitrary file download
missing authorization
music player
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
High
Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "mp3-music-player-by-sonaar",
"product": "MP3 Audio Player for Music, Radio & Podcast by Sonaar",
"vendor": "Sonaar Music",
"versions": [
{
"changes": [
{
"at": "5.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.10.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-31343
2024-04-10 17:15:55
nvd
nvd
CVE-2024-31343
2024-04-10 17:15:55
wpvulndb
wpvulndb
cvelist
cvelist
wordfence
wordfence
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
High
Related for VULNRICHMENT:CVE-2024-31343