Music Player for Elementor – Audio Player & Podcast Player

Vulnerabilities 8Slug music-player-for-elementorLatest version 2.5WordPress.org →

Minimum safe version

2.4.7

Update to 2.4.7 or later to address 8 fixable vulnerabilities

Latest available2.5 ✓

Medium 6.1

2026-05-01< 2.4.4

CVE-2024-13362

CVE Wordfence

Medium 6.4

2025-06-03< 2.4.7

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin <= 2.4.6 is vulnerable to Cross Site Scripting (XSS)

Patchstack EUVD Wordfence CVE

Medium 4.3

2024-11-15< 2.4.2

CVE-2024-10582

CVE Patchstack Wordfence

Medium 6.3

2024-10-16< 1.5.5

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

N/A

2023-07-18< 1.5.9.9

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin < 1.5.9.9 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2022-03-04< 1.5.5

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2022-02-28< 1.5.5

WordPress Music Player for Elementor – Audio Player & Podcast Player plugin < 1.5.5 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.5.5

WordPress Music Player for Elementor – Audio Player & Podcast Player plugin < 1.5.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack