Home/Product/podlove podcast publisher
Product

podlove podcast publisher

20 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-13730
< 4.2.1
The Podlove Podcast Publisher WordPress plugin before 4.2.1 does not sanitise and escape some of its settings, which could allow h
4.8MEDIUM
 CVE-2024-13729
< 4.1.24
The Podlove Podcast Publisher WordPress plugin before 4.1.24 does not sanitise and escape some of its settings, which could allow
4.8MEDIUM
 CVE-2025-1383
< 4.2.3
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and includin
4.3MEDIUM
 CVE-2025-0554
< 4.2.0
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version
4.4MEDIUM
 CVE-2024-52393
<= 4.1.15
Deserialization of Untrusted Data vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress.
9.1CRITICAL
 CVE-2024-43984
< 4.1.14
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podcast Publisher allows Code Injection.This issue affects Podl
9.6CRITICAL
 CVE-2024-43983
< 4.1.14
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podca
6.5MEDIUM
 CVE-2024-32143
< 4.1.1
Missing Authorization vulnerability in Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a th
4.3MEDIUM
 CVE-2024-32712
< 4.0.15
Missing Authorization vulnerability in Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a th
7.5HIGH
 CVE-2024-32812
< 4.0.12
Server-Side Request Forgery (SSRF) vulnerability in Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher
5.4MEDIUM
 CVE-2024-32139
<= 4.0.12
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podcast Publ
8.5HIGH
 CVE-2024-29915
< 4.0.10
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podcast Publ
7.1HIGH
 CVE-2024-1110
<= 4.0.11
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability
5.3MEDIUM
 CVE-2024-1109
<= 4.0.11
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check
5.3MEDIUM
 CVE-2023-25472
< 3.8.4
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podcast Publisher plugin <= 3.8.3 versions.
4.3MEDIUM
 CVE-2023-25046
<= 3.8.2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podcast Publisher plugin <= 3.8.2 versions.
5.9MEDIUM
 CVE-2021-24666
< 3.5.6
The Podlove Podcast Publisher WordPress plugin before 3.5.6 contains a 'Social & Donations' module (not activated by default), whi
9.8CRITICAL
 CVE-2016-10942
< 2.3.16
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter explo
9.8CRITICAL
 CVE-2016-10941
< 2.3.16
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.
6.1MEDIUM
 CVE-2017-12949
all versions
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQ
8.8HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin