Lucene search
K

226 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.12 views

CVE-2023-4820

The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin...

5.4CVSS6.5AI score0.00403EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/11/28 9:10 a.m.7 views

CVE-2025-13536

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS7.4AI score0.0052EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/27 11:26 a.m.7 views

WordPress Blubrry PowerPress plugin <= 11.15.2 - Authenticated (Contributor+) Arbitrary File Upload via 'powerpress_edit_post' vulnerability

Authenticated Contributor+ Arbitrary File Upload via 'powerpresseditpost' vulnerability discovered by ISMAILSHADOW in WordPress Plugin PowerPress Podcasting versions = 11.15.2...

8.8CVSS7AI score0.0052EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/27 9:30 a.m.7 views

EUVD-2025-199808

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS6.9AI score0.0052EPSS
Exploits0References6
NVD
NVD
added 2025/11/27 9:15 a.m.7 views

CVE-2025-13536

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS0.0052EPSS
Exploits0References5
CVE
CVE
added 2025/11/27 8:27 a.m.24 views

CVE-2025-13536

The CVE targets the Blubrry PowerPress plugin for WordPress (versions up to and including 11.15.2). The root cause is insufficient file type validation: the plugin validates file extensions but does not halt execution when validation fails inside the powerpress_edit_post function, allowing authen...

8.8CVSS7AI score0.0052EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/27 8:27 a.m.3 views

CVE-2025-13536 Blubrry PowerPress <= 11.15.2 - Authenticated (Contributor+) Arbitrary File Upload via 'powerpress_edit_post'

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS7AI score0.0052EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/27 8:27 a.m.11 views

CVE-2025-13536 Blubrry PowerPress <= 11.15.2 - Authenticated (Contributor+) Arbitrary File Upload via 'powerpress_edit_post'

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS0.0052EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.5 views

WordPress plugin Blubrry PowerPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS6.8AI score0.0052EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.5 views

PT-2025-48251

Name of the Vulnerable Software and Affected Versions Blubrry PowerPress plugin for WordPress versions through 11.15.2 Description The Blubrry PowerPress plugin for WordPress is susceptible to arbitrary file uploads because of inadequate file type validation. The powerpress edit post function doe...

8.8CVSS7.8AI score0.0052EPSS
Exploits0References12
Patchstack
Patchstack
added 2025/11/08 3:5 a.m.5 views

WordPress PowerPress Podcasting plugin <= 11.13.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin PowerPress Podcasting versions = 11.13.12...

4.3CVSS7AI score0.00117EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/30 9:16 a.m.4 views

CVE-2025-64201

Cross-Site Request Forgery CSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Cross Site Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.12...

4.3CVSS6.9AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/29 9:30 a.m.3 views

EUVD-2025-36625

Cross-Site Request Forgery CSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Cross Site Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.12...

4.3CVSS6.3AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 9:15 a.m.8 views

CVE-2025-64201

Cross-Site Request Forgery CSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Cross Site Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.12...

4.3CVSS0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 8:38 a.m.8 views

CVE-2025-64201 WordPress PowerPress Podcasting plugin <= 11.13.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Cross Site Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.12...

4.3CVSS0.00117EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 8:38 a.m.2 views

CVE-2025-64201 WordPress PowerPress Podcasting plugin <= 11.13.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Cross Site Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.12...

4.3CVSS6.5AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 8:38 a.m.9 views

CVE-2025-64201

Summary of CVE-2025-64201 (WordPress PowerPress Plugin) : A CSRF vulnerability exists in the blubrry PowerPress Podcasting plugin affecting version(s) up to and including 11.13.12. Public sources in the connected documents confirm the vulnerability class (CSRF) and affected software, with patch s...

4.3CVSS6.5AI score0.00117EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.4 views

WordPress plugin PowerPress Podcasting 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.6AI score0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.4 views

PT-2025-44246

Name of the Vulnerable Software and Affected Versions blubrry PowerPress Podcasting versions through 11.13.12 Description A Cross-Site Request Forgery CSRF issue exists in blubrry PowerPress Podcasting. This allows attackers to potentially perform actions on behalf of authenticated users without...

4.3CVSS6.4AI score0.00117EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-1522

Malware in sbrugna...

4.3CVSS6.1AI score0.02237EPSS
Exploits3References8
Rows per page
Query Builder