Podlove — Vulnerabilities & Security Advisories (13)

Browse all 13 CVE security advisories affecting Podlove. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Podlove is an open-source podcast publishing platform primarily used for creating and managing podcast episodes. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The platform's 13 recorded CVEs highlight consistent security concerns, particularly in input validation and access control mechanisms. While no major public security incidents have been widely documented, the recurring nature of vulnerabilities suggests potential risks for unpatched installations. Users should maintain regular updates and implement proper security hardening to mitigate potential exploitation risks.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43984 | WordPress Podlove Podcast Publisher plugin <= 4.1.13 - CSRF to Remote Code Execution (RCE) vulnerability — Podlove Podcast Publisher (CWE-352) | 9.6 | Critical | 2024-10-31 |
| CVE-2024-43983 | WordPress Podlove Podcast Publisher plugin <= 4.1.13 - Cross Site Scripting (XSS) vulnerability — Podlove Podcast Publisher (CWE-79) | 6.5 | Medium | 2024-09-17 |
| CVE-2024-32143 | WordPress Podlove Podcast Publisher plugin <= 4.1.0 - Broken Access Control vulnerability — Podlove Podcast Publisher (CWE-862) | 4.3 | Medium | 2024-06-11 |
| CVE-2024-35710 | WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability — Podlove Web Player (CWE-200) | 5.3 | Medium | 2024-06-08 |
| CVE-2024-32712 | WordPress Podlove Podcast Publisher plugin <= 4.0.14 - Broken Access Control vulnerability — Podlove Podcast Publisher (CWE-862) | 7.5 | High | 2024-05-09 |
| CVE-2024-32812 | WordPress Podlove Podcast Publisher plugin <= 4.0.11 - Server Side Request Forgery (SSRF) vulnerability — Podlove Podcast Publisher (CWE-918) | 5.4 | Medium | 2024-04-24 |
| CVE-2024-32139 | WordPress Podlove Podcast Publisher plugin <= 4.0.12 - SQL Injection vulnerability — Podlove Podcast Publisher (CWE-89) | 8.5 | High | 2024-04-15 |
| CVE-2024-29788 | WordPress Podlove Web Player plugin <= 5.7.1 - Cross Site Scripting (XSS) vulnerability — Podlove Web Player (CWE-79) | 6.5 | Medium | 2024-03-27 |
| CVE-2024-29915 | WordPress Podlove Podcast Publisher plugin <= 4.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Podlove Podcast Publisher (CWE-79) | 7.1 | High | 2024-03-27 |
| CVE-2023-25481 | WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF) — Podlove Subscribe button (CWE-352) | 5.4 | Medium | 2023-05-23 |
| CVE-2023-25472 | WordPress Podlove Podcast Publisher Plugin <= 3.8.3 is vulnerable to Cross Site Request Forgery (CSRF) — Podlove Podcast Publisher (CWE-352) | 4.3 | Medium | 2023-05-23 |
| CVE-2023-25479 | WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Scripting (XSS) — Podlove Subscribe button (CWE-79) | 5.9 | Medium | 2023-04-25 |
| CVE-2023-25046 | WordPress Podlove Podcast Publisher Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS) — Podlove Podcast Publisher (CWE-79) | 5.9 | Medium | 2023-04-07 |

This page lists every published CVE security advisory associated with Podlove. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.