Vulnerabilities > Podlove > Podlove Podcast Publisher > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-23 | CVE-2023-25472 | Unspecified vulnerability in Podlove Podcast Publisher Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions. | 8.8 |
2017-08-18 | CVE-2017-12949 | SQL Injection vulnerability in Podlove Podcast Publisher 2.5.3 lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF. | 8.8 |