Tipsandtricks-hq Compact Wp Audio Player — known CVE vulnerabilities
Every CVE whose affected-product data names Tipsandtricks-hq Compact Wp Audio Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24735 — CVSS 6.5 (medium): The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to make a logged in…
CVE-2021-24734 — CVSS 5.4 (medium): The Compact WP Audio Player WordPress plugin before 1.9.7 does not escape some of its shortcodes attributes, which could allow users with a…
CVE-2022-4542 — CVSS 5.4 (medium): The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes before outputting…