PT-2026-25292 · Eric Teubert · Podlove Podcast Publisher

Zaim

Publicado

2026-03-13

Atualizado

2026-03-14

CVE-2026-32448

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Podlove Podcast Publisher versions through 4.3.3

Description The software is susceptible to a cross-site scripting issue due to improper input validation during web page generation. This allows for the injection of malicious scripts, specifically Stored XSS. The issue affects the Podlove Podcast Publisher WordPress plugin.

Recommendations Versions prior to and including 4.3.3 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2026-32448

Produtos afetados

Podlove Podcast Publisher

PT-2026-25292 · Eric Teubert · Podlove Podcast Publisher

CVE-2026-32448

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5