blubrry — Vulnerabilities & Security Advisories (14)

Browse all 14 CVE security advisories affecting blubrry. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Blubrry operates a podcast hosting and advertising platform, enabling content creators to publish and monetize audio programs. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with 14 CVEs documented. Security researchers have identified weaknesses in its WordPress plugin integration, authentication mechanisms, and media processing components. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for podcasters relying on the service for content distribution and revenue generation.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-2988 | Blubrry PowerPress <= 11.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via powerpress and podcast Shortcodes | PowerPress Podcasting plugin by Blubrry | CWE-79 | 6.4 | Medium | 2026-04-08 |
| CVE-2026-32351 | WordPress PowerPress Podcasting plugin <= 11.15.13 - Cross Site Scripting (XSS) vulnerability | PowerPress Podcasting | CWE-79 | 5.9 | Medium | 2026-03-13 |
| CVE-2026-23798 | WordPress PowerPress Podcasting plugin <= 11.15.10 - PHP Object Injection vulnerability | PowerPress Podcasting | CWE-502 | 8.8 | High | 2026-03-05 |
| CVE-2025-13536 | Blubrry PowerPress <= 11.15.2 - Authenticated (Contributor+) Arbitrary File Upload via 'powerpress_edit_post' | PowerPress Podcasting plugin by Blubrry | CWE-434 | 8.8 | High | 2025-11-27 |
| CVE-2025-64201 | WordPress PowerPress Podcasting plugin <= 11.13.12 - Cross Site Request Forgery (CSRF) vulnerability | PowerPress Podcasting | CWE-352 | 4.3 | Medium | 2025-10-29 |
| CVE-2025-49984 | WordPress PowerPress Podcasting plugin <= 11.13.11 - Server Side Request Forgery (SSRF) Vulnerability | PowerPress Podcasting | CWE-918 | 4.9 | Medium | 2025-06-20 |
| CVE-2025-46264 | WordPress PowerPress Podcasting <= 11.12.5 - Arbitrary File Upload Vulnerability | PowerPress Podcasting | CWE-434 | 9.9 | Critical | 2025-04-24 |
| CVE-2025-32691 | WordPress PowerPress Podcasting plugin <= 11.12.6 - Server Side Request Forgery (SSRF) Vulnerability | PowerPress Podcasting | CWE-918 | 4.9 | Medium | 2025-04-09 |
| CVE-2025-32690 | WordPress PowerPress Podcasting plugin <= 11.12.5 - Cross Site Scripting (XSS) Vulnerability | PowerPress Podcasting | CWE-79 | 6.5 | Medium | 2025-04-09 |
| CVE-2024-9543 | Powerpress <= 11.9.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via skipto Shortcode | PowerPress Podcasting plugin by Blubrry | CWE-79 | 6.4 | Medium | 2024-10-11 |
| CVE-2024-6588 | PowerPress Podcasting plugin by Blubrry <= 11.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via media_url Parameter | PowerPress Podcasting plugin by Blubrry | CWE-79 | 6.4 | Medium | 2024-07-12 |
| CVE-2023-41239 | WordPress PowerPress Podcasting Plugin <= 11.0.6 is vulnerable to Server Side Request Forgery (SSRF) | PowerPress Podcasting plugin by Blubrry | CWE-918 | 6.4 | Medium | 2023-11-13 |
| CVE-2023-30778 | WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS) | PowerPress Podcasting plugin by Blubrry | CWE-79 | 5.5 | Medium | 2023-08-15 |
| CVE-2023-1917 | PowerPress <= 10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | PowerPress Podcasting plugin by Blubrry | CWE-79 | 5.4 | Medium | 2023-06-09 |

This page lists every published CVE security advisory associated with blubrry. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.