cleantalk
Vulnerabilities and Security Researches

Floating Window Music Player, CVE-2025-48104

CVE, Research URL

CVE-2025-48104

Home page URL

Security reports for Floating Window Music Player

Application

Floating Window Music Player

Published on
Sep 05, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player allows Stored XSS. This issue affects Floating Window Music Player: from n/a through 3.4.2.
Affected versions
Min -, max 3.4.2.
Status
vulnerable
Previous vulnerability researches
Everest News (CVE-2023-28687) , Jun 10, 2024
Everest News (CVE-2023-27421) , Jun 10, 2024
New vulnerability
Redis Object Cache , Sep 17, 2025
Zakra (CVE-2025-8595) , Sep 15, 2025
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025