Eteubert Podlove Podcast Publisher
5 CVEs affecting Eteubert Podlove Podcast Publisher. Latest disclosed: 2025-09-23. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-10147 | Critical | 9.8 | 2025-09-23 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'move_as_original_file' f… |
CVE-2024-1110 | Medium | 5.3 | 2024-02-07 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function… |
CVE-2024-1109 | Medium | 5.3 | 2024-02-07 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the init_download() and in… |
CVE-2025-0554 | Medium | 4.4 | 2025-01-18 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficien… |
CVE-2025-1383 | Medium | 4.3 | 2025-03-06 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.2. This is due to miss… |