From this webpage screenshot, the following key vulnerability information can be obtained:

1. Vulnerability Name: MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion
2. Vulnerability Description:
   - Describes an unauthorized arbitrary file deletion vulnerability in the MP3 Audio Player plugin for WordPress.
   - The vulnerability stems from the and functions, which improperly handle the parameter across all versions (including 5.7.0.1).
   - Allows attackers with Subscriber or higher privileges to delete any file, potentially enabling remote code execution if is deleted.
3. Vulnerability Rating:
   - CVSS Vector: 3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
   - CVSS Score: 9.1 (Critical)
4. Vulnerability Disclosure Date: August 28, 2024
5. Vulnerability Update Date: August 29, 2024
6. Vulnerability Researcher: Arkadiusz Hydzik
7. Vulnerability Fix Status:
   - Fixed
   - Latest patched version: 5.7.1
8. Affected Versions: <= 5.7.0.1
9. Vulnerability Disclosure Links:
   - plugins.trac.wordpress.org
   - plugins.trac.wordpress.org
   - plugins.trac.wordpress.org
10. Vulnerability Details:
   - Includes detailed information about the software type, alias, whether fixed, remediation advice, affected versions, and patched versions.
11. Copyright and Licensing Information:
   - Copyright and licensing information sourced from Defiant Inc. and MITRE Corporation.
12. Exploit Details:
   - Describes the exploit mechanism, including the principle and impact of exploitation.
13. Impact:
   - Describes potential impacts on the system, including possible attack vectors and scope.
14. Remediation Advice:
   - Recommends updating to the latest version (5.7.1) to fix the vulnerability.
15. Disclosure Date:
   - Describes the date and time of vulnerability disclosure.
16. Researcher:
   - Describes the researcher’s name and contact information.
17. Fix Status:
   - Describes whether the vulnerability is fixed and the version in which it was fixed.
18. Affected Versions:
   - Describes the range of affected versions.
19. Disclosure Links:
   - Describes the links and detailed information where the vulnerability was disclosed.
20. Copyright and Licensing Information:
   - Describes the source and details of copyright and licensing information.