WordPress Plugin Vulnerabilities

Podlove Podcast Publisher <= 2.3.15 - Multiple SQLi & XSS

Description

The Podlove Podcast Publisher WordPress plugin was affected by a Multiple SQLi & XSS security vulnerability.

Affects Plugins

Plugin icon
podlove-podcasting-plugin-for-wordpress
Fixed in 2.3.16

References

CVE
CVE-2016-10942
CVE
CVE-2016-10941
URL
https://blog.ripstech.com/2016/the-state-of-wordpress-security/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1f729f8e-3be6-4d15-81d2-54a38dad6d5b

Timeline

Publicly Published
2016-12-14 (about 9 years ago)
Added
2016-12-14 (about 9 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2020-06-28
Title
Nexos - Real Estate < 1.8 - Unauthenticated Reflected XSS & SQL Injection
Published
2014-09-17
Title
Easy Media Gallery < 1.3.0 - CSRF & Cross-Site Scripting (XSS)
Published
2020-03-23
Title
WPvivid Backup < 0.9.36 - Missing Authorization Leading To Database Leak
Published
2014-12-15
Title
Sliding Social Icons <= 1.61 - CSRF & Stored XSS
Published
2021-07-12
Title
Frontend File Manager < 18.3 - Authenticated Arbitrary Settings Change to Arbitrary File Upload