CVE-2018-20121

Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter.