Podlove Podlove Podcast Publisher
9 CVEs affecting Podlove Podlove Podcast Publisher. Latest disclosed: 2024-10-31. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43984 | Critical | 9.6 | 2024-10-31 | Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher allows Code Injection.This issue affects Podlove Podcast Publisher: from n… |
CVE-2024-32139 | High | 8.5 | 2024-04-15 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podl… |
CVE-2024-32712 | High | 7.5 | 2024-05-14 | Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.14. |
CVE-2024-29915 | High | 7.1 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Reflected XSS.Th… |
CVE-2024-43983 | Medium | 6.5 | 2024-09-18 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Stored XS… |
CVE-2023-25046 | Medium | 5.9 | 2023-04-07 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions. |
CVE-2024-32812 | Medium | 5.4 | 2024-04-24 | Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.11. |
CVE-2024-32143 | Medium | 4.3 | 2024-06-11 | Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.1.0. |
CVE-2023-25472 | Medium | 4.3 | 2023-05-23 | Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions. |