WordPress Podlove Podcast Publisher 漏洞列表

共找到 2 个与 WordPress Podlove Podcast Publisher 相关的漏洞

📅 加载漏洞趋势中...

CVE-2021-24666: WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection POC

日期: 2025-08-01 | 影响软件: WordPress Podlove Podcast Publisher

WordPress Podlove Podcast Publisher plugin before 3.5.6 is susceptible to SQL injection. The Social & Donations module, not activated by default, adds the REST route /services/contributor/(?P<id>[\d]+) and takes id and category parameters as arguments. Both parameters can be exploited, thereby potentially enabling an attacker to obtain sensitive information, modify data, and/or execute unauthorized administrative operations.
CVE-2021-24666: WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection POC

日期: 2025-08-01 | 影响软件: WordPress Podlove Podcast Publisher

WordPress Podlove Podcast Publisher plugin before 3.5.6 is susceptible to SQL injection. The Social & Donations module, not activated by default, adds the REST route /services/contributor/(?P<id>[\d]+) and takes id and category parameters as arguments. Both parameters can be exploited, thereby potentially enabling an attacker to obtain sensitive information, modify data, and/or execute unauthorized administrative operations.