CVE-2024-32139

Source
https://cve.org/CVERecord?id=CVE-2024-32139
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-32139.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-32139
Published
2024-04-15T07:18:06.270Z
Modified
2026-07-15T01:49:20.535546074Z
Severity
  • 8.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L CVSS Calculator
Summary
WordPress Podlove Podcast Publisher plugin <= 4.0.12 - SQL Injection vulnerability
Details

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.12.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32139.json",
    "cwe_ids": [
        "CWE-89"
    ],
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "4.0.12"
                }
            ],
            "source": "AFFECTED_FIELD"
        },
        {
            "extracted_events": [
                {
                    "fixed": "4.0.12"
                }
            ],
            "source": "DESCRIPTION"
        }
    ],
    "cna_assigner": "Patchstack"
}
References

Affected packages

Git / github.com/podlove/podlove-publisher

Affected ranges

Type
GIT
Repo
https://github.com/podlove/podlove-publisher
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.12"
        }
    ]
}

Affected versions

1.*
1.10.10-alpha
1.10.11-alpha
1.10.14-alpha
1.10.15-alpha
1.10.16-alpha
1.10.17-alpha
1.10.18-alpha
1.10.19-alpha
1.10.20-alpha
1.10.21-alpha
1.10.22-alpha
1.10.23-alpha
1.10.3-alpha
1.10.4-alpha
1.10.5-alpha
1.10.6-alpha
1.10.7-alpha
1.10.8-alpha
1.10.9-alpha
1.11-alpha
1.11.1-alpha
1.11.2-alpha
1.9.10-alpha
1.9.11-alpha
1.9.12-alpha
1.9.3-alpha
1.9.4-alpha
1.9.5-alpha
1.9.6-alpha
1.9.8-alpha
1.9.9-alpha
2.*
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.1.0
2.1.1
2.1.2
2.1.3
2.10.0
2.11.0
2.11.1
2.11.2
2.11.3
2.11.4
2.2.0
2.3.0
2.3.1
2.3.2
2.3.3
2.3.4
2.3.5
2.3.6
2.3.7
2.4.0
2.5.0
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.7.0
2.8.0
2.8.1
2.8.10
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.9.0
2.9.1
2.9.10
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.8
2.9.9
3.*
3.0.0
3.0.1
3.0.2
3.0.4
3.1-beta1
3.1-beta2
3.1-beta3
3.1-beta4
3.1.1
3.1.1-beta1
3.1.1-beta2
3.1.1-beta3
3.1.1-beta4
3.1.1-beta5
3.1.1-beta6
3.1.1-beta7
3.1.10
3.1.11
3.1.12
3.1.13
3.1.14
3.1.15
3.1.16
3.1.17
3.1.18
3.1.2
3.1.3
3.1.4
3.1.6
3.1.7
3.1.8
3.1.9
3.2.0
3.2.0-beta1
3.2.0-beta2
3.2.0-beta3
3.2.0-beta4
3.2.0-beta5
3.2.1
3.2.2
3.3.0
3.3.1
3.3.2
3.4.0
3.4.1
3.4.2-beta1
3.4.2-beta2
3.5.0
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.6
3.6.0
3.6.1
3.8.0
3.8.0-beta1
3.8.0-beta2
3.8.0-beta3
3.8.0-beta4
3.8.0-beta5
3.8.1
3.8.1-beta1
3.8.1-beta2
3.8.10
3.8.11
3.8.12
3.8.2
3.8.3
3.8.4
3.8.5
3.8.6
3.8.7
3.8.8
3.8.9
4.*
4.0.0
4.0.1
4.0.10
4.0.11
4.0.12
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
Other
refs/heads/shownotes-module

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-32139.json"