Scriptonite Music_request_manager
3 CVEs affecting Scriptonite Music_request_manager. Latest disclosed: 2024-09-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6019 | Medium | 6.1 | 2024-09-12 | The Music Request Manager WordPress plugin through 1.3 does not sanitise and escape incoming music requests, which could allow unauthenticated users to perform… |
CVE-2024-6018 | Medium | 6.1 | 2024-09-12 | The Music Request Manager WordPress plugin through 1.3 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which c… |
CVE-2024-6017 | Medium | 6.1 | 2024-09-12 | The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could al… |