Scriptonite Music_request_manager

3 CVEs affecting Scriptonite Music_request_manager. Latest disclosed: 2024-09-12. Critical: 0, High: 0.

Top CVEs affecting Scriptonite Music_request_manager
CVESeverityScorePublishedSummary
CVE-2024-6019Medium6.12024-09-12The Music Request Manager WordPress plugin through 1.3 does not sanitise and escape incoming music requests, which could allow unauthenticated users to perform…
CVE-2024-6018Medium6.12024-09-12The Music Request Manager WordPress plugin through 1.3 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which c…
CVE-2024-6017Medium6.12024-09-12The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could al…