PowerPress Podcasting plugin by Blubrry, CVE-2024-9227
- CVE, Research URL
- Application
- Published on
- May 16, 2025
- Research Description
- The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow admin users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
- Affected versions
-
Min -, max 11.9.18.
- Status
-
vulnerable
Previous vulnerability researches |
---|
Responsive Lightbox2 (CVE-2022-3987) , Jun 07, 2024 |
Responsive Lightbox2 (3a708e667647cfc7347348989e4ffa77f2b38c04) , Jun 07, 2024 |