CVE-2026-23798 WordPress PowerPress Podcasting plugin <= 11.15.10 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through = 11.15.10...

CVE-2025-64201

Summary of CVE-2025-64201 (WordPress PowerPress Plugin) : A CSRF vulnerability exists in the blubrry PowerPress Podcasting plugin affecting version(s) up to and including 11.13.12. Public sources in the connected documents confirm the vulnerability class (CSRF) and affected software, with patch s...

WordPress PowerPress Podcasting plugin <= 11.9.17 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Krugov Artyom in WordPress Plugin PowerPress Podcasting versions = 11.9.17...

CVE-2025-32690

CVE-2025-32690 (PowerPress Podcasting) : WordPress plugin PowerPress Podcasting by Blubrry is affected up to version 11.12.5. Public sources in the connected docs identify this as an authenticated, stored cross-site scripting vulnerability within the plugin, arising from input handling during pag...

CVE-2025-32691

CVE-2025-32691: PowerPress Podcasting (Blubrry) WordPress plugin exposed SSRF. Affected: PowerPress Podcasting

WordPress PowerPress Podcasting plugin <= 11.12.6 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin PowerPress Podcasting versions = 11.12.6...

WordPress PowerPress Podcasting Plugin <= 11.9.18 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 11.9.18 Fixed in 11.9.19 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0cd1cfd00b25 Credits Jack Taylor...

WordPress PowerPress Podcasting plugin by Blubrry plugin <= 11.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via media_url Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via mediaurl Parameter vulnerability discovered by Webbernaut in WordPress Plugin PowerPress Podcasting versions = 11.9.10...

WordPress PowerPress Podcasting Plugin <= 11.9.10 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 11.9.10 Fixed in 11.9.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6588 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a26d6217fa24 Credits Webbernaut...

WordPress PowerPress Podcasting Plugin < 11.0.11 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions 11.0.11 Fixed in 11.0.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1c861647d21b Credits Unknown Required privilege...

WordPress PowerPress Podcasting Plugin <= 10.2.3 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 10.2.3 Fixed in 10.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 51009255116e Credits N/A Required privilege...

WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 10.0.1 Fixed in 10.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30778 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID c16325723556 Credits Mika Required...

WordPress PowerPress Podcasting Plugin <= 10.0 is vulnerable to Cross Site Scripting (XSS)

Software PowerPress Podcasting Type Plugin Vulnerable versions = 10.0 Fixed in 10.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1917 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2e844f252ce9 Credits Alex Thomas...

XSS Vulnerability in WordPress PowerPress Plugin

WordPress is the WordPress Wordpress Foundation's set of blogging platform developed using the PHP language.PowerPress is the WordPress plugin. An XSS vulnerability exists in the WordPress PowerPress plugin. An attacker can exploit the vulnerability to obtain an administrator cookie...

WordPress PowerPress Podcasting plugin <= 8.3.7 - Authenticated Arbitrary File Upload leading to Remote Code Execution (RCE) vulnerability

Authenticated Arbitrary File Upload leading to Remote Code Execution RCE vulnerability found by Minh Tuan SunCSR in WordPress PowerPress Podcasting plugin versions = 8.3.7. Solution Update the WordPress PowerPress Podcasting plugin by Blubrry to the latest available version at least 8.3.8...