Podlove Subscribe Button Security Vulnerabilities and Issues — Podlove Subscribe Button CVE List

Lucene search

PodlovePodlove Subscribe Button

3 matches found

CVE•added 2023/05/23 1:15 p.m.•33 views

CVE-2023-25481

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin

8.8CVSS7.1AI score0.00051EPSS

CVE•added 2023/04/25 12:15 p.m.•26 views

CVE-2023-25479

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Subscribe button plugin

5.9CVSS4.9AI score0.00058EPSS

CVE•added 2024/02/07 11:15 a.m.•25 views

CVE-2024-1118

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

8.8CVSS8.9AI score0.00428EPSS