Browse all 17 CVE security advisories affecting mra13. AI-powered Chinese analysis, POCs, and references for each vulnerability.
mra13 is a software component primarily used for authentication and session management in web applications. Historically, it has been associated with 17 CVEs, commonly involving remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The component's security posture has been compromised in several high-profile incidents, including unauthorized access to sensitive user data and complete system takeovers due to insecure default configurations. Security researchers have consistently identified flaws in its input validation and access control mechanisms, making it a frequent target in penetration testing engagements. Organizations using mra13 should prioritize applying security patches and implementing additional compensating controls.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-56279 | WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability — Compact WP Audio PlayerCWE-918 | 6.4 | Medium | 2025-01-07 |
| CVE-2024-10176 | Compact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player Shortcode — Compact WP Audio PlayerCWE-79 | 6.4 | Medium | 2024-10-24 |
This page lists every published CVE security advisory associated with mra13. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.