CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

CVE-2023-25479

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

EUVD-2023-29436

Malicious code in bioql PyPI...

CVE-2025-58227

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through = 1.3.11...

WordPress Podlove Subscribe button Plugin <= 1.3.11 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Podlove Subscribe button versions = 1.3.11...

CVE-2025-58227 WordPress Podlove Subscribe button Plugin <= 1.3.11 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through = 1.3.11...

CVE-2025-58227

CVE-2025-58227: Stored XSS in Podlove Subscribe button for WordPress due to improper input neutralization during page generation. Affected: Podlove Subscribe button plugin up to version 1.3.11 (vulnerable line items). Remediation: patch released (plugin update to fix the issue). The entry is back...

WordPress plugin Podlove Subscribe button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38892

Name of the Vulnerable Software and Affected Versions Podlove Subscribe button versions through 1.3.11 Description The Podlove Subscribe button software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for...

CVE-2024-1118

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-1118

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-1118

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...

Sql injection

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-1118 Podlove Subscribe button <= 1.3.10 - Authenticated (Contributor+) SQL Injection

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

CVE-2023-25481 WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

PT-2023-20100 · Podlove · Podlove Subscribe Button Plugin

Name of the Vulnerable Software and Affected Versions: Podlove Podlove Subscribe button plugin versions 1.3.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

CVE-2023-25479

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

CVE-2023-25479 WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...