Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podlove podlove podcast publisher vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32712
Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a up to and including 4.0.14.
NA
CVE-2024-32812
Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a up to and including 4.0.11.
NA
CVE-2024-32139
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a up to and including 4.0.12.
NA
CVE-2024-29915
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Reflected XSS.This issue affects Podlove Podcast Publisher: from n/a up to and including 4.0.9.
5.3
CVSSv3
CVE-2024-1109
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the init_download() and init() functions in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated malicious users t...
Podlove Podlove Podcast Publisher
5.3
CVSSv3
CVE-2024-1110
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated malicious users to import the pl...
Podlove Podlove Podcast Publisher
8.8
CVSSv3
CVE-2023-25472
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.
Podlove Podlove Podcast Publisher
4.8
CVSSv3
CVE-2023-25046
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions.
Podlove Podlove Podcast Publisher
9.8
CVSSv3
CVE-2021-24666
The Podlove Podcast Publisher WordPress plugin prior to 3.5.6 contains a 'Social & Donations' module (not activated by default), which adds the rest route '/services/contributor/(?P<id>[\d]+), takes an 'id' and 'category' parameters as...
Podlove Podlove Podcast Publisher
6.1
CVSSv3
CVE-2016-10941
The podlove-podcasting-plugin-for-wordpress plugin prior to 2.3.16 for WordPress has XSS exploitable via CSRF.
Podlove Podlove Podcast Publisher
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »