Access Control Vulnerability in Seriously Simple Podcasting by Craig Hewitt
CVE-2026-39505
5.3MEDIUM
What is CVE-2026-39505?
A missing authorization vulnerability has been identified in the Seriously Simple Podcasting plugin by Craig Hewitt. This flaw allows attackers to exploit incorrectly configured access control security levels, leading to unauthorized actions. Websites using this plugin in versions from its initial release up to and including version 3.14.2 are at risk. It's essential for users to ensure proper configuration to safeguard against potential exploits.
Affected Version(s)
Seriously Simple Podcasting 0 <= 3.14.2