Podlove Podcast Publisher Vulnerable to Missing Authorization
CVE-2024-32143

8.8HIGH

Key Information:

Vendor: WordPress
Status: Podlove Podcast Publisher
Vendor: CVE Published:; 11 June 2024

Summary

A vulnerability has been identified in Podlove Podcast Publisher, where a missing authorization could allow unauthorized access. This affects versions up to 4.1.0. Proper access control measures are essential to protect sensitive data and maintain the integrity of the podcasting platform.

Affected Version(s)

Podlove Podcast Publisher <= 4.1.0

References

https://patchstack.com/database/vulnerability/podlove-pod...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 11, 2024
Vulnerability Reserved
Apr 11, 2024

Credit

Abdi Pranata (Patchstack Alliance)