Vulnerabilities > CVE-2021-24735 - Unspecified vulnerability in Tipsandtricks-Hq Compact WP Audio Player

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
tipsandtricks-hq
NVD
Published: 2021-10-18
Updated: 2024-11-21

Summary

The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to make a logged in admin change the "Disable Simultaneous Play" setting via a CSRF attack.

Vulnerable Configurations

Part Description Count
Application
Tipsandtricks-Hq
16

References