226 matches found
CVE-2026-12098
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
EUVD-2026-37862
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
CVE-2026-12098 PowerPress Podcasting plugin by Blubrry <= 11.16.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'embed' Episode Meta Field
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
CVE-2026-12098
CVE-2026-12098 affects the WordPress PowerPress Podcasting plugin by Blubrry up to version 11.16.8. The vulnerability is a Stored Cross-Site Scripting via the embed Episode Meta Field, caused by insufficient input sanitization and output escaping. The embed value is stored with update_post_meta()...
WordPress PowerPress Podcasting plugin by Blubrry plugin <= 11.16.8 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Mukhlis Amien in WordPress Plugin PowerPress Podcasting versions = 11.16.8...
EUVD-2026-36910
Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...
CVE-2026-24637
Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...
CVE-2026-24637 WordPress PowerPress Podcasting plugin <= 11.15.10 - SQL Injection vulnerability
Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...
CVE-2026-24637
CVE-2026-24637 affects the WordPress PowerPress Podcasting plugin, specifically versions
PT-2026-49355
Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...
CVE-2026-2988
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress PowerPress Podcasting plugin <= 11.15.10 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Phat RiO in WordPress Plugin PowerPress Podcasting versions = 11.15.10...
EUVD-2026-20035
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2988
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2988 Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2988 Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2988
CVE-2026-2988 affects the Blubrry PowerPress WordPress plugin. Versions up to and including 11.15.15 are vulnerable to Stored Cross-Site Scripting via the powerpress and podcast shortcodes due to insufficient input sanitization and output escaping. Exploitation is possible by authenticated attack...
PT-2026-31072
The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Blubrry PowerPress 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Blubrry PowerPress plugin <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via powerpress and podcast Shortcodes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin PowerPress Podcasting versions = 11.15.15...