CVE-2025-23854 | Shoutcast and Icecast HTML5 Web Radio Player Plugin cross site scripting

Posted by Angelo Barbosa | Jan 16, 2025 | CVE

A vulnerability has been found in YesStreaming Shoutcast & Icecast Internet Radio Hosting Shoutcast and Icecast HTML5 Web Radio Player Plugin up to 3.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-23854. The attack can be launched remotely. There is no exploit available.

CVE-2025-23854 | Shoutcast and Icecast HTML5 Web Radio Player Plugin cross site scripting

Related Posts

CVE-2024-3911 | Welotec SMART EMS/VPN Security Suite up to 3.1.3 ui layer (VDE-2024-023)

CVE-2024-37052 | MLflow 1.1.0 deserialization

CVE-2023-50254 | linuxdeepin developer-center up to 6.0.6 docx Document path traversal (GHSA-q9jr-726g-9495)

CVE-2024-56510 | marp-team marp-core up to 3.9.0/4.0.0 cross site scripting (GHSA-x52f-h5g4-8qv5)