38 matches found
CVE-2023-25481
Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...
CVE-2023-25479
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...
EUVD-2024-16892
Malicious code in bioql PyPI...
EUVD-2025-30608
Malicious code in bioql PyPI...
EUVD-2023-29436
Malicious code in bioql PyPI...
CVE-2025-58227
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through = 1.3.11...
CVE-2025-58227
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through = 1.3.11...
WordPress Podlove Subscribe button Plugin <= 1.3.11 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Podlove Subscribe button versions = 1.3.11...
CVE-2025-58227 WordPress Podlove Subscribe button Plugin <= 1.3.11 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through = 1.3.11...
CVE-2025-58227
CVE-2025-58227: Stored XSS in Podlove Subscribe button for WordPress due to improper input neutralization during page generation. Affected: Podlove Subscribe button plugin up to version 1.3.11 (vulnerable line items). Remediation: patch released (plugin update to fix the issue). The entry is back...
WordPress plugin Podlove Subscribe button 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-38892
Name of the Vulnerable Software and Affected Versions Podlove Subscribe button versions through 1.3.11 Description The Podlove Subscribe button software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for...
CVE-2024-1118
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-1118
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-1118
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
Sql injection
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-1118 Podlove Subscribe button <= 1.3.10 - Authenticated (Contributor+) SQL Injection
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-1118 Podlove Subscribe button <= 1.3.10 - Authenticated (Contributor+) SQL Injection
The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-1118
CVE-2024-1118 affects the Podlove Subscribe button plugin for WordPress. The vulnerability is a UNION-based SQL Injection in the podlove-subscribe-button shortcode's button parameter, present in all versions up to 1.3.10 due to insufficient escaping and inadequate query preparation. An authentica...
WordPress Plugin Podlove Subscribe button SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...