CVE-2024-1110

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-1110

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1110.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-1110

Published

2024-02-07T11:15:09.040Z

Modified

2026-04-10T05:08:13.752715Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to import the plugin's settings.

References

Affected packages

Git / github.com/podlove/podlove-publisher

Affected ranges

Type

GIT

Repo

https://github.com/podlove/podlove-publisher

Events

Introduced

Last affected

de996158bdac6175e026f7a57f8a9b7a466c21ac

Fixed

7873ff520631087e2f10737860cdcd64d53187ba

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.11"
        }
    ]
}

Affected versions

1.*

1.10.10-alpha

1.10.11-alpha

1.10.14-alpha

1.10.15-alpha

1.10.16-alpha

1.10.17-alpha

1.10.18-alpha

1.10.19-alpha

1.10.20-alpha

1.10.21-alpha

1.10.22-alpha

1.10.23-alpha

1.10.3-alpha

1.10.4-alpha

1.10.5-alpha

1.10.6-alpha

1.10.7-alpha

1.10.8-alpha

1.10.9-alpha

1.11-alpha

1.11.1-alpha

1.11.2-alpha

1.9.10-alpha

1.9.11-alpha

1.9.12-alpha

1.9.3-alpha

1.9.4-alpha

1.9.5-alpha

1.9.6-alpha

1.9.8-alpha

1.9.9-alpha

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.1.0

2.1.1

2.1.2

2.1.3

2.10.0

2.11.0

2.11.1

2.11.2

2.11.3

2.11.4

2.2.0

2.3.0

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7

2.4.0

2.5.0

2.6.0

2.6.1

2.6.2

2.6.3

2.6.4

2.7.0

2.8.0

2.8.1

2.8.10

2.8.2

2.8.3

2.8.4

2.8.5

2.8.6

2.8.7

2.8.8

2.8.9

2.9.0

2.9.1

2.9.10

2.9.2

2.9.3

2.9.4

2.9.5

2.9.6

2.9.8

2.9.9

3.*

3.0.0

3.0.1

3.0.2

3.0.4

3.1-beta1

3.1-beta2

3.1-beta3

3.1-beta4

3.1.1

3.1.1-beta1

3.1.1-beta2

3.1.1-beta3

3.1.1-beta4

3.1.1-beta5

3.1.1-beta6

3.1.1-beta7

3.1.10

3.1.11

3.1.12

3.1.13

3.1.14

3.1.15

3.1.16

3.1.17

3.1.18

3.1.2

3.1.3

3.1.4

3.1.6

3.1.7

3.1.8

3.1.9

3.2.0

3.2.0-beta1

3.2.0-beta2

3.2.0-beta3

3.2.0-beta4

3.2.0-beta5

3.2.1

3.2.2

3.3.0

3.3.1

3.3.2

3.4.0

3.4.1

3.4.2-beta1

3.4.2-beta2

3.5.0

3.5.1

3.5.2

3.5.3

3.5.4

3.5.5

3.5.6

3.6.0

3.6.1

3.8.0

3.8.0-beta1

3.8.0-beta2

3.8.0-beta3

3.8.0-beta4

3.8.0-beta5

3.8.1

3.8.1-beta1

3.8.1-beta2

3.8.10

3.8.11

3.8.12

3.8.2

3.8.3

3.8.4

3.8.5

3.8.6

3.8.7

3.8.8

3.8.9

4.*

4.0.0

4.0.1

4.0.10

4.0.11

4.0.2

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.0.8

4.0.9

Other

refs/heads/shownotes-module

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1110.json"