Lucene search
K

106 matches found

Patchstack
Patchstack
added 2026/06/17 6:12 p.m.7 views

WordPress PowerPress Podcasting plugin by Blubrry plugin <= 11.16.8 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Mukhlis Amien in WordPress Plugin PowerPress Podcasting versions = 11.16.8...

6.4CVSS5.2AI score0.00202EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.9 views

CVE-2026-2988

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 6:31 a.m.5 views

EUVD-2026-20035

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.1AI score0.00205EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 4:17 a.m.4 views

CVE-2026-2988

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 2:25 a.m.19 views

CVE-2026-2988 Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00205EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 2:25 a.m.6 views

CVE-2026-2988 Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.1AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31072

The Blubrry PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'powerpress' and 'podcast' shortcodes in versions up to, and including, 11.15.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.1AI score0.00205EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.5 views

WordPress plugin Blubrry PowerPress 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00205EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/07 10:53 p.m.5 views

WordPress Blubrry PowerPress plugin <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via powerpress and podcast Shortcodes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin PowerPress Podcasting versions = 11.15.15...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32351

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blubrry PowerPress Podcasting powerpress allows Stored XSS.This issue affects PowerPress Podcasting: from n/a through = 11.15.13...

5.9CVSS5.8AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.6 views

EUVD-2026-11837

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blubrry PowerPress Podcasting powerpress allows Stored XSS.This issue affects PowerPress Podcasting: from n/a through = 11.15.13...

5.8AI score0.00172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:41 a.m.4 views

CVE-2026-32351

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blubrry PowerPress Podcasting powerpress allows Stored XSS.This issue affects PowerPress Podcasting: from n/a through = 11.15.13...

5.8AI score0.00172EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/05 6:30 a.m.7 views

EUVD-2026-9595

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through = 11.15.10...

5.9AI score0.00482EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.4 views

CVE-2026-23798

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through = 11.15.10...

8.8CVSS0.00482EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.11 views

CVE-2026-23798

CVE-2026-23798 affects the WordPress PowerPress Podcasting plugin by Blubrry. The issue is a PHP object injection via deserialization of untrusted data in PowerPress, with affected versions listed as up through

8.8CVSS5.9AI score0.00482EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.2 views

CVE-2026-23798

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through = 11.15.10...

5.9AI score0.00482EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.4 views

PT-2026-23216

Name of the Vulnerable Software and Affected Versions blubrry PowerPress Podcasting versions through 11.15.10 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts PowerPress Podcasting. Recommendations Update...

5.8AI score0.00482EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.8 views

WordPress Blubrry PowerPress 6.0 Cross Site Scripting

A cross site scripting vulnerability exists in Blubrry PowerPress WordPress Plugin version 6.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.02237EPSS
Exploits3
EUVD
EUVD
added 2025/11/27 9:30 a.m.6 views

EUVD-2025-199808

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS6.9AI score0.0052EPSS
Exploits0References6
NVD
NVD
added 2025/11/27 9:15 a.m.7 views

CVE-2025-13536

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the...

8.8CVSS0.0052EPSS
Exploits0References5
Rows per page
Query Builder