cleantalk
Vulnerabilities and Security Researches

Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress, CVE-2026-24548

CVE, Research URL

CVE-2026-24548

Home page URL

Security reports for Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress

Application

Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress

Published on
Jan 23, 2026
Research Description
Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
Affected versions
max 2.0.91.
Status
vulnerable
Previous vulnerability researches
Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com (CVE-2025-23854) , Jan 18, 2025
Shoutcast Icecast HTML5 Radio Player (CVE-2024-8666) , Oct 26, 2024
Radio Player &#8211; Live Shoutcast, Icecast and Any Audio Stream Player for WordPress (971fb8ca82e479cf299b6fe3febbcab5da5854dc) , Jun 07, 2024
Radio Player &#8211; Live Shoutcast, Icecast and Any Audio Stream Player for WordPress (CVE-2024-34753) , Jun 07, 2024
Radio Player &#8211; Live Shoutcast, Icecast and Any Audio Stream Player for WordPress (CVE-2024-32506) , Jun 07, 2024
New vulnerability
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2024-13362) , May 02, 2026
Elementor Website Builder – More than Just a Page Builder (CVE-2026-6127) , May 02, 2026
WPGraphQL (CVE-2026-40762) , May 02, 2026
Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery (CVE-2024-13362) , May 02, 2026
GiveWP &#8211; Donation Plugin and Fundraising Platform (CVE-2026-34900) , May 02, 2026