17 matches found
CVE-2023-4820
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin...
EUVD-2024-47653
Malicious code in bioql PyPI...
CVE-2015-9410
The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter...
CVE-2024-9227
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow admin users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-9227
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow admin users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-9227
The CVE concerns the WordPress PowerPress Podcasting plugin by Blubrry (versions prior to 11.9.18). The issue is insufficient sanitization/escaping of certain podcast settings when adding a podcast, enabling Stored Cross-Site Scripting (XSS) attacks and affecting admin users, even with unfiltered...
PT-2025-21539 · WordPress · Powerpress Podcasting Plugin
Name of the Vulnerable Software and Affected Versions: PowerPress Podcasting plugin by Blubrry for WordPress versions prior to 11.9.18 Description: The issue concerns the PowerPress Podcasting plugin's failure to properly sanitize and escape certain settings when adding a podcast. This could enab...
CVE-2024-9230
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks...
PT-2025-16205 · Blubrry · Powerpress Podcasting Plugin
Name of the Vulnerable Software and Affected Versions: PowerPress Podcasting plugin by Blubrry WordPress plugin versions prior to 11.9.18 Description: The issue is related to the PowerPress Podcasting plugin by Blubrry WordPress plugin, which does not properly sanitise and escape some of its...
CVE-2023-41239
Server-Side Request Forgery SSRF vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6...
CVE-2023-41239 WordPress PowerPress Podcasting Plugin <= 11.0.6 is vulnerable to Server Side Request Forgery (SSRF)
Server-Side Request Forgery SSRF vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6...
CVE-2023-4820
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin...
CVE-2023-30778
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin = 10.0.1 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin = 10.0.1 versions...
CVE-2023-30778 WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin = 10.0.1 versions...
CVE-2015-1385
Cross-site scripting XSS vulnerability in the Blubrry PowerPress Podcasting plugin before 6.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a powerpress-editcategoryfeed action in the powerpressadmincategoryfeeds.php page to...