Browse all 4 CVE security advisories affecting Sonaar Music. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sonaar Music operates as a digital music distribution platform enabling artists to upload and distribute tracks to streaming services. Historically, the organization has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws in its web applications. These issues have allowed unauthorized access to user accounts, manipulation of uploaded content, and potential compromise of backend systems. While no major public security incidents have been documented, the presence of four CVEs indicates recurring security challenges in input validation and access control mechanisms. The platform's reliance on user-generated content and integration with third-party services creates multiple attack vectors that require continuous security monitoring and patch management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47822 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10 - Broken Access Control vulnerability — MP3 Audio Player for Music, Radio & Podcast by SonaarCWE-862 | 5.4 | Medium | 2024-12-09 |
| CVE-2024-31343 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10.1 - Arbitrary File Download vulnerability — MP3 Audio Player for Music, Radio & Podcast by SonaarCWE-862 | 7.5 | High | 2024-04-10 |
| CVE-2024-30530 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.1 - Cross Site Scripting (XSS) vulnerability — MP3 Audio Player for Music, Radio & Podcast by SonaarCWE-79 | 6.5 | Medium | 2024-03-31 |
| CVE-2024-30487 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.1 - Broken Access Control vulnerability — MP3 Audio Player for Music, Radio & Podcast by SonaarCWE-862 | 7.6 | High | 2024-03-29 |
This page lists every published CVE security advisory associated with Sonaar Music. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.