CVE-2024-32812

CWE-918 — Server-Side Request Forgery (SSRF)3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.1%

top 67.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Podlove Podlove Podcast Publisher

Timeline

PublishedApr 24

Description

Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.11.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDpodlove/podlove_podcast_publisher< 4.0.12

▶CVEListV5podlove/podlove_podcast_publishern/a — 4.0.11

🔴Vulnerability Details

CVEList

WordPress Podlove Podcast Publisher plugin <= 4.0.11 - Server Side Request Forgery (SSRF) vulnerability↗2024-04-24

▶

GHSA

GHSA-p44r-3x7c-4h83: Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher↗2024-04-24

▶