CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Secondlinethemes 1Podcast Subscribe Buttons Jun 17, 2026 Oct 20, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Podcast Subscribe Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'podcast_subscribe' shortcode in versions up to, and including, 1.4.8 due to insufficient input sanitization and output...Show more |
1Secondlinethemes 1Podcast Subscribe Buttons Jun 17, 2026 Oct 18, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Podcast Subscribe Buttons WordPress plugin before 1.4.2 allows users with any role capable of editing or adding posts to perform stored XSS. |