Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

PowerPress Podcasting plugin by Blubrry — Vulnerabilities & Security Advisories 11

All 11 CVE vulnerabilities found in PowerPress Podcasting plugin by Blubrry, with AI-generated Chinese analysis, references, and POCs.

Vendor: blubrry

CVE IDTitleCVSSSeverityPublished
CVE-2026-12098 PowerPress Podcasting plugin by Blubrry <= 11.16.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'embed' Episode Meta Field CWE-79 6.4 Medium2026-06-18
CVE-2026-2988 Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes CWE-79 6.4 Medium2026-04-08
CVE-2025-13536 Blubrry PowerPress <= 11.15.2 - Authenticated (Contributor+) Arbitrary File Upload via 'powerpress_edit_post' CWE-434 8.8 High2025-11-27
CVE-2024-9227 PowerPress Podcasting < 11.9.18 - Author+ XSS 4.8AIMediumAI2025-05-15
CVE-2024-9230 PowerPress Podcasting < 11.9.18 - Author+ XSS via Podcast URL 5.4AIMediumAI2025-04-14
CVE-2024-9543 Powerpress <= 11.9.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via skipto Shortcode CWE-79 6.4 Medium2024-10-11
CVE-2024-6588 PowerPress Podcasting plugin by Blubrry <= 11.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via media_url Parameter CWE-79 6.4 Medium2024-07-12
CVE-2023-41239 WordPress PowerPress Podcasting Plugin <= 11.0.6 is vulnerable to Server Side Request Forgery (SSRF) CWE-918 6.4 Medium2023-11-13
CVE-2023-4820 PowerPress Podcasting < 11.0.12 - Contributor+ Stored XSS 8.9 -2023-10-16
CVE-2023-30778 WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS) CWE-79 5.5 Medium2023-08-15
CVE-2023-1917 PowerPress <= 10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 5.4 Medium2023-06-09

All 11 known CVE vulnerabilities affecting PowerPress Podcasting plugin by Blubrry with full Chinese analysis, references, and POCs where available.