CVE-2025-10147 | Eric Teubert Podlove Podcast Publisher Plugin up to 4.2.6 on WordPress move_as_original_file unrestricted upload

Inserito da Angelo Barbosa | Set 23, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Eric Teubert Podlove Podcast Publisher Plugin up to 4.2.6 on WordPress. This affects the function move_as_original_file. The manipulation leads to unrestricted upload.

This vulnerability is listed as CVE-2025-10147. The attack may be initiated remotely. There is no available exploit.

CVE-2025-10147 | Eric Teubert Podlove Podcast Publisher Plugin up to 4.2.6 on WordPress move_as_original_file unrestricted upload

Post correlati

CVE-2024-34199 | TinyWeb up to 1.94 Request Line denial of service

CVE-2024-20724 | Adobe Substance 3D Painter up to 9.1.1 out-of-bounds (apsb24-04)

CVE-2024-23349 | Apache Answer up to 1.2.1 Summary cross site scripting

CVE-2023-52113 | Huawei HarmonyOS/EMUI ActivityManagerService Module denial of service