6 matches found
CVE-2024-9230
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks...
WordPress PowerPress Podcasting plugin < 11.9.18 - Author+ XSS via Podcast URL vulnerability
Author+ XSS via Podcast URL vulnerability discovered by Bob Matyas in WordPress Plugin PowerPress Podcasting versions 11.9.18...
CVE-2024-9230
creationtimestamp| type| source ---|---|--- 2025-04-14 06:53:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11584 2025-04-14 10:28:55+00:00| seen| https://t.me/cvedetector/22834 2025-04-14 10:33:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmreeczy262g...
CVE-2024-9230
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks...
CVE-2024-9230
CVE-2024-9230 refers to the PowerPress Podcasting plugin by Blubrry for WordPress, with a vulnerability in which settings are not sanitized/escaped when adding a podcast. This root cause enables Stored Cross-Site Scripting for author and higher-privileged users. Public details indicate versions b...
CVE-2024-9230 PowerPress Podcasting < 11.9.18 - Author+ XSS via Podcast URL
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks...