What the vulnerability does
01 Description
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Server-Side Request Forgery in versions 5.3 to 5.10 via the 'load_lyrics_ajax_callback' function. This makes it possible for authenticated attackers with Author-level access and above to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services.
Explanation of Vulnerability in Simple Terms
02 Summary
The MP3 Audio Player plugin for WordPress contains a server-side request forgery (SSRF) vulnerability in versions 5.3 through 5.10. An authenticated user with low privileges can make the site send HTTP requests to internal or external systems on the attacker's behalf, potentially exposing sensitive data or interacting with restricted services. The vulnerability requires an authenticated session but no user interaction from the victim.
What an attacker can do
03 Attacker Capabilities
Make the site send HTTP requests to internal systems or external URLs to access restricted data or services.
Potential impact on your site
04 Site Impact
Authenticated users can probe your internal network, access metadata services, or interact with restricted APIs using your site as a proxy.
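The destination check that keeps a server-side fetch of a user-supplied URL away from the internal network and metadata services, as an added example that is not the plugin's code or its fix. The function name, the stub resolver and the sample hostnames are assumptions made for illustration.

```php
<?php
/**
 * Added example (hypothetical helper, not code from the plugin).
 * Return true only if a server-side fetch of $url would leave for a public
 * address. $resolver (hostname -> list of IPs) is injectable so the check
 * runs offline; the default does an IPv4 DNS lookup.
 */
function is_safe_fetch_target(string $url, ?callable $resolver = null): bool
{
    $resolver = $resolver ?? static fn(string $h): array => gethostbynamel($h) ?: [];
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    // Plain web schemes only.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    $host = trim($parts['host'], '[]'); // parse_url keeps IPv6 brackets
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : $resolver($host);
    if ($ips === []) {
        return false; // unresolvable host: fail closed
    }
    foreach ($ips as $ip) {
        // Fails for private (10/8, 172.16/12, 192.168/16, fc00::/7) and
        // reserved (0/8, 127/8, 169.254/16, 240/4, ::1, fe80::/10) ranges.
        if (filter_var($ip, FILTER_VALIDATE_IP,
                FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return false; // one internal address is enough to block
        }
    }
    return true;
}

// Constructed inputs; the stub resolver stands in for DNS.
$stubDns = static fn(string $h): array => [
    'lyrics.example.com'   => ['93.184.216.34'],
    'intranet.example.com' => ['10.0.0.5'],
][$h] ?? [];
$samples = [
    'https://lyrics.example.com/track.lrc', // public host
    'http://intranet.example.com/admin',    // name resolving to 10.0.0.5
    'http://169.254.169.254/',              // link-local metadata address
    'http://[::1]:8080/',                   // IPv6 loopback literal
    'ftp://lyrics.example.com/track.lrc',   // non-web scheme
];
foreach ($samples as $u) {
    printf("%-40s %s\n", $u, is_safe_fetch_target($u, $stubDns) ? 'allow' : 'block');
}
```

The check only holds if the fetch then connects to the address that was validated and does not follow redirects without re-running it.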
Conditions required to exploit
05 Prerequisites
Attacker must have a low-privilege authenticated account (Author level or above) on the WordPress site.
Key dates
06 Disclosure timeline
February 14, 2026: CVE published
February 17, 2026: Record updated