CVE-2022-1023

Name of the Vulnerable Software and Affected Versions Podcast Importer SecondLine WordPress plugin versions prior to 1.3.8

Description The issue is related to the improper sanitization and escaping of some imported data, which could allow SQL injection attacks to be performed by importing a malicious podcast file. This could potentially lead to unauthorized access or manipulation of database content.

Recommendations For versions prior to 1.3.8, update to version 1.3.8 or later to resolve the issue. As a temporary workaround, consider restricting the import of podcast files from untrusted sources to minimize the risk of exploitation.