MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar < 5.7.1 – Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion | CVE 2024-7856 | Plugin Vulnerabilities

Description

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted.

Affects Plugins

mp3-music-player-by-sonaar

Fixed in 5.7.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Arkadiusz Hydzik

Verified

No

WPVDB ID

8b3e32a7-524b-41d2-9723-7b6dc88e646a

Timeline

Publicly Published

2024-08-28 (about 1 year ago)

Added

2024-08-28 (about 1 year ago)

Last Updated

2024-10-24 (about 1 year ago)

Other

Published

Title

Published

2023-03-10

Title

RapidLoad Power-Up for Autoptimize < 1.7.2 - Unauthorised AJAX Calls

Published

2025-02-18

Title

WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Missing Authorization to Unauthenticated Portfolio Update

Published

2025-01-14

Title

RomethemeKit For Elementor < 1.5.4 - Missing Authorization in save_options and reset_widgets

Published

2024-09-12

Title

Classified Listing – Classified ads & Business Directory Plugin < 3.1.8 - Missing Authorization

Published

2025-06-12

Title

myCred < 2.9.4.3 - Missing Authorization