Blubrry Powerpress Plugin Security rist

  • Resolved podcastguy1221

    (@podcastguy1221)


    1 year, 6 months ago

    I use Blubrry.com for my podcast hosting and my web host person is screaming that the powerpress plugin is a very large security vulnerability. Has anyone heard about this and does anyone know if there is a fix?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Dave Clements

    (@daveclements)

    We’re aware of this issue and are actively working on a fix, which should release very soon.

    We also know this about the vulnerability:

    • A user needs to have contributor-level or higher access to your website in order to even attempt to do something related to the issue.
    • This means that it would only affect your website if you (or someone with a login + contributor access to your website) creates a post and intentionally enters a bad podcast media url in the episode box. Even then, risk of exposure is low due to pre-existing checks.  However, we will put out a patch in the next release of PowerPress to tighten the checks further.
    Plugin Support Dave Clements

    (@daveclements)

    As of version 11.0.7 this issue should be resolved.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Blubrry Powerpress Plugin Security rist’ is closed to new replies.