Podlove
podlove
23 CVEs • 2 products
Products (2)
Click to collapseToggle
Products (2)
Click to collapse
CVEs (23)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Podlove 1Podlove Podcast Publisher Nov 21, 2024 Sep 13, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF. |
1Podlove 1Podlove Podcast Publisher Nov 21, 2024 Sep 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF. |
1Podlove 1Podlove Podcast Publisher May 13, 2026 Aug 18, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF. |