WordPress Plugin Vulnerabilities

Wordpress CodeArt Google MP3 Player - File Disclosure

Description

The google-mp3-audio-player WordPress plugin was affected by a File Disclosure security vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
google-mp3-audio-player
No known fix

References

Exploitdb
35460

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1a52ea8b-5b6b-4c01-b9e3-675e8bfdb5c6

Timeline

Publicly Published
2014-12-02 (about 11 years ago)
Added
2017-02-09 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2025-07-16
Title
Formality < 1.5.10 - Unauthenticated Local File Inclusion
Published
2016-07-13
Title
WP Fastest Cache <= 0.8.5.9 - Local File Inclusion (LFI)
Published
2025-12-09
Title
Simple Download Counter < 2.2.3 - Authenticated (Administrator+) Arbitrary File Read via Path Traversal
Published
2015-07-10
Title
IBS Mappro < 1.0 - Directory Traversal
Published
2025-05-14
Title
TicketBAI Facturas para WooCommerce < 3.19 - Unauthenticated Arbitrary File Deletion