PT-2025-17763 · Angelo Mandato · Powerpress Podcasting

Trương Hữu Phúc · Published 2025-04-24 · Updated 2025-04-26 · CVE-2025-46264

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Angelo Mandato PowerPress Podcasting versions prior to 11.12.6

Description

The issue is an unrestricted file upload: attackers can upload dangerous files, potentially including a web shell, to the web server. This may enable attackers to execute malicious code on the server.

Recommendations

For versions prior to 11.12.6, update to version 11.12.6 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only allow safe file types until a patch is applied. Restrict access to the file upload functionality to minimize the risk of exploitation.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2025-46264

Affected Products

Powerpress Podcasting