Vulnerabilities > CVE-2023-47822 - Missing Authorization vulnerability in Sonaar MP3 Audio Player for Music, Radio & Podcast

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sonaar

CWE-862

NVD

Published: 2024-12-09

Updated: 2025-01-22

Summary

Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10.

Vulnerable Configurations

Part	Description	Count
Application	Sonaar Sonaar MP3 Audio Player FOR Music, Radio & Podcast - Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.0 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.1.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.4 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.4.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.4.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 1.5 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.0 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.0.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.0.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.2.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.2.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.2.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.2.4 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.3.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.3.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.4 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.4.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.4.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 2.4.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.0 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.0.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.0.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.2.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.4 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.5 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 3.6 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.0 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.1.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.1.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.3 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.3.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.4 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.4.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.5 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.5.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.6.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.6.2 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.7 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.8 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.8.1 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.9 Sonaar MP3 Audio Player FOR Music, Radio & Podcast 4.10	54

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/wordpress/plugin/mp3-music-player-by-sonaar/vulnerability/wordpress-mp3-audio-player-for-music-radio-podcast-by-sonaar-plugin-4-10-broken-access-control-vulnerability?_s_id=cve