ZoomSounds

Reflected Cross Site Scripting (XSS) vulnerability <= 6.91

PHP Object Injection vulnerability <= 6.91

Unauthenticated Arbitrary File Download vulnerability <= 6.91

WordPress Wave Audio Player with Playlist plugin <= 6.91 Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings Manipulation vulnerability <= 6.91

Authenticated (Contributor+) Stored CrossSite Scripting via Shortcode vulnerability <= 6.91