216.73.217.86

CVE-2024-9230

· Published 14/04/2025 06:15 · Modified 14/04/2025 15:15

Labels: CVE-2024-9230 2025-04-14CVE-2024-9230[email protected]

Essential information

Published
14/04/2025 06:15
Modified
14/04/2025 15:15
Author
Creator
CVSS
5.9 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVSS metrics

Description

The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
blubrry / powerpress cpe:2.3:a:blubrry:powerpress:*:<11.9.18:*:*:*:*:*:wordpress:*

References