Vulnerability Details CVE-2016-10941
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://blog.ripstech.com/2016/the-state-of-wordpress-security/
- https://github.com/podlove/podlove-publisher/blob/master/changelog.txt
- https://wordpress.org/plugins/podlove-podcasting-plugin-for-wordpress/#developers
- https://blog.ripstech.com/2016/the-state-of-wordpress-security/
- https://github.com/podlove/podlove-publisher/blob/master/changelog.txt
- https://wordpress.org/plugins/podlove-podcasting-plugin-for-wordpress/#developers
Products affected by CVE-2016-10941
-
cpe:2.3:a:podlove:podlove_podcast_publisher:-