📦 Zoomsounds

The ZoomSounds WordPress plugin before version 6.05 contains an unrestricted file upload vulnerability. Unauthenticated attackers can upload arbitrary files to the web server, potentially leading to r...

This CVE describes a PHP object injection vulnerability in the ZoomSounds WordPress plugin that allows attackers to execute arbitrary code through deserialization of untrusted data. It affects all Wor...

The ZoomSounds WordPress plugin allows unauthenticated attackers to upload arbitrary files due to missing file type validation in the savepng.php file. This vulnerability affects WordPress sites runni...

This vulnerability allows unauthenticated attackers to read arbitrary files on WordPress servers running the ZoomSounds plugin. Attackers can access sensitive files like configuration files, passwords...

The ZoomSounds WordPress plugin has an authorization vulnerability that allows authenticated users with Subscriber-level access or higher to modify WordPress option values. This can lead to denial of ...

This vulnerability allows unauthenticated attackers to inject PHP objects via deserialization of untrusted input in the ZoomSounds WordPress plugin. It affects all WordPress sites using ZoomSounds plu...