WordPress Podlove Podcast Publisher Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS)
Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Admin-level stored XSS in Podlove Podcast Publisher plugin for WordPress allows arbitrary script execution via unsanitized input.
Vulnerability
The Podlove Podcast Publisher plugin for WordPress, versions 3.8.2 and earlier, contains a stored cross-site scripting (XSS) vulnerability [1]. The flaw is reachable only by authenticated users with administrator-level privileges, who can inject script through input fields that the plugin stores without sanitization and later renders unescaped in the admin interface.
Exploitation
An attacker must already hold administrator-level access to the WordPress instance where the vulnerable plugin is installed. Once authenticated as an admin, the attacker submits a JavaScript payload into plugin settings or episode fields that the plugin does not sanitize. The payload is persisted and executes whenever another administrator views the affected page [1].
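The store-then-render pattern described above, as an added example in WordPress PHP that is not code from the Podlove plugin or from the advisory: the vulnerable path stores a POST value verbatim and echoes it into an attribute unescaped; the hardened form sanitizes on write through the Settings API and escapes on read for the exact output context. The option names, field names and settings group (`podlove_example_*`) are hypothetical; `sanitize_text_field`, `wp_kses_post`, `esc_attr`, `esc_html` and `register_setting` are WordPress core functions.

```php
<?php
// Added illustration, not Podlove code: the "store unsanitized, render
// unescaped" pattern the advisory describes, beside a hardened version.
// Option names, field names and the settings group are hypothetical;
// the functions used are WordPress core API.

// --- Vulnerable pattern -----------------------------------------------------
function podlove_example_save_vulnerable() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'podlove_example_save' );
    if ( ! isset( $_POST['podlove_example_subtitle'] ) ) {
        return;
    }
    // Stored verbatim: a value such as "><img src=x onerror=alert(1)>
    // survives into wp_options unchanged.
    update_option( 'podlove_example_subtitle', wp_unslash( $_POST['podlove_example_subtitle'] ) );
}

function podlove_example_render_vulnerable() {
    // Echoed verbatim: the stored quote closes the attribute and the injected
    // tag runs for every administrator who opens this screen.
    echo '<input type="text" name="podlove_example_subtitle" value="'
        . get_option( 'podlove_example_subtitle', '' ) . '">';
}

// --- Hardened form ----------------------------------------------------------
// Sanitize on write: register_setting() runs the callback whenever the option
// is updated through the Settings API, so every save path is covered.
add_action( 'admin_init', function () {
    register_setting( 'podlove_example', 'podlove_example_subtitle', array(
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field', // plain-text field: no tags at all
        'default'           => '',
    ) );
    register_setting( 'podlove_example', 'podlove_example_notes', array(
        'type'              => 'string',
        'sanitize_callback' => 'wp_kses_post', // rich-text field: post-safe tag set only
        'default'           => '',
    ) );
} );

function podlove_example_render_hardened() {
    $subtitle = get_option( 'podlove_example_subtitle', '' );
    $notes    = get_option( 'podlove_example_notes', '' );
    // Escape on read, for the exact output context. Sanitizing on write is
    // not enough by itself: data stored before the fix is not rewritten.
    echo '<input type="text" name="podlove_example_subtitle" value="' . esc_attr( $subtitle ) . '">';
    echo '<p>' . esc_html( $subtitle ) . '</p>';
    echo '<div class="description">' . wp_kses_post( $notes ) . '</div>';
}
```

Output escaping is the control that also neutralizes payloads already sitting in the database, which is why the hardened renderer escapes even though the sanitize callbacks already strip tags. Note that WordPress core deliberately skips kses filtering of post content for users who hold the `unfiltered_html` capability; shared plugin settings that every administrator sees are a different case, so the example applies `wp_kses_post` unconditionally.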
Impact
Successful exploitation runs attacker-controlled JavaScript in the browser session of another administrator who views the stored content. From there the script can perform any action that administrator can (create users, edit plugin or theme files, change settings), steal the session, or deface the site, compromising the integrity and confidentiality of the WordPress installation [1]. The privilege context matters for severity: on a single-site install administrators already hold the unfiltered_html capability and can place script in post content by design, so the added risk is greatest where that capability has been removed (DISALLOW_UNFILTERED_HTML) or on multisite, where only super admins hold it and a site administrator would otherwise have no way to store script.
Mitigation
The vulnerability is fixed in version 4.5.0 of the Podlove Podcast Publisher plugin [1]. Users should update to this or a later version. If updating is not possible immediately, reduce exposure rather than rely on trust alone: audit the administrator accounts (the flaw requires one), enforce strong authentication for them, and review existing plugin settings and episode fields for injected markup, since content stored before the update is not rewritten by it.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: <=3.8.2
- Range: n/a
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (1)
News mentions
No linked articles in our index yet.