CVE-2025-13536
The CVE targets the Blubrry PowerPress plugin for WordPress (versions up to and including 11.15.2). The root cause is insufficient file type validation: the plugin validates file extensions but does not halt execution when validation fails inside the powerpress_edit_post function, allowing authen...