CVE-2024-43983
Severity
5.4MEDIUM
EPSS
0.3%
top 47.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 18
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through 4.1.13.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:LExploitability: 2.3 | Impact: 3.7
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-8gpc-m4px-488q: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows↗2024-09-18
CVEList▶
WordPress Podlove Podcast Publisher plugin <= 4.1.13 - Cross Site Scripting (XSS) vulnerability↗2024-09-17