4 matches found
CVE-2025-0554
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version = 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject...
CVE-2025-0554
creationtimestamp| type| source ---|---|--- 2025-01-18 05:54:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113847808220833448 2025-01-18 06:15:55+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfynuv6n5t2p 2025-01-18 06:34:14+00:00| seen|...
CVE-2025-0554 Podlove Podcast Publisher <= 4.1.25 - Authenticated (Admin+) Stored Cross-Site Scripting via Feed Name
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version = 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject...
CVE-2025-0554 Podlove Podcast Publisher <= 4.1.25 - Authenticated (Admin+) Stored Cross-Site Scripting via Feed Name
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version = 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject...