Cross site request forgery (csrf)

2019-09-1312:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.

CPENameOperatorVersion
podlove_podcast_publisherlt2.3.16

CPE	Name	Operator	Version
	podlove_podcast_publisher	lt	2.3.16

References

blog.ripstech.com/2016/the-state-of-wordpress-security/

github.com/podlove/podlove-publisher/blob/master/changelog.txt

wordpress.org/plugins/podlove-podcasting-plugin-for-wordpress/