{"id":"CVE-2024-52393","summary":"WordPress Podlove Podcast Publisher plugin \u003c= 4.1.15 - Admin+ Remote Code Execution (RCE) vulnerability","details":"Deserialization of Untrusted Data vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress.This issue affects Podlove Podcast Publisher: from n/a through \u003c= 4.1.15.","modified":"2026-05-18T05:59:02.552469684Z","published":"2024-11-14T17:23:41.498Z","database_specific":{"cwe_ids":["CWE-82"],"cna_assigner":"Patchstack","unresolved_ranges":[{"extracted_events":[{"last_affected":"4.1.15"}],"source":"AFFECTED_FIELD"}],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52393.json"},"references":[{"type":"WEB","url":"https://wordpress.org/plugins"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52393.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52393"},{"type":"ADVISORY","url":"https://patchstack.com/database/Wordpress/Plugin/podlove-podcasting-plugin-for-wordpress/vulnerability/wordpress-podlove-podcast-publisher-plugin-4-1-15-admin-remote-code-execution-rce-vulnerability?_s_id=cve"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/podlove/podlove-publisher","events":[{"introduced":"0"},{"last_affected":"2ab86bdb491dec8932e3c16950c652fd6cdc8f7d"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"4.1.15"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*"}}],"versions":["4.1.15","4.1.14","4.1.13","4.1.12","4.1.11","4.1.10","4.1.9","4.1.8","4.1.7","4.1.6","4.1.5","4.1.4","4.1.3","4.1.2","4.1.1","4.1.0","4.0.15","4.0.14","4.0.13","4.0.12","4.0.11","4.0.10","4.0.9","4.0.8","4.0.7","4.0.6","4.0.5","4.0.4","4.0.3","4.0.2","4.0.1","4.0.0","3.8.12","3.8.11","3.8.10","3.8.9","3.8.8","3.8.7","3.8.6","3.8.5","3.8.4","3.8.3","3.8.2","3.8.1","3.8.1-beta2","3.8.1-beta1","3.8.0","3.8.0-beta5","3.8.0-beta4","3.8.0-beta3","3.8.0-beta2","3.8.0-beta1","3.6.1","3.6.0","3.5.6","3.5.5","3.5.4","3.5.3","3.5.2","3.5.1","3.5.0","3.4.2-beta2","3.4.2-beta1","3.4.1","3.4.0","3.3.2","3.3.1","3.3.0","3.2.2","3.2.1","3.2.0","3.2.0-beta5","3.2.0-beta4","3.2.0-beta3","3.2.0-beta2","3.2.0-beta1","3.1.18","3.1.17","3.1.16","3.1.15","3.1.14","3.1.13","3.1.12","3.1.11","3.1.10","3.1.9","3.1.8","3.1.7","3.1.6","3.1.4","3.1.3","3.1.1-beta7","3.1.2","3.1.1","3.1.1-beta6","3.1.1-beta5","3.1.1-beta4","3.1.1-beta3","3.1.1-beta2","3.1.1-beta1","3.1-beta4","3.1-beta3","3.1-beta2","3.1-beta1","3.0.4","3.0.2","3.0.1","3.0.0","2.11.4","2.11.3","2.11.2","2.11.1","2.11.0","refs/heads/shownotes-module","2.10.0","2.9.10","2.9.9","2.9.8","2.9.6","2.9.5","2.9.4","2.9.3","2.9.2","2.9.1","2.9.0","2.8.10","2.8.9","2.8.8","2.8.7","2.8.6","2.8.5","2.8.4","2.8.3","2.8.2","2.8.1","2.8.0","2.7.0","2.6.4","2.6.3","2.6.2","2.6.1","2.6.0","2.5.0","2.4.0","2.3.7","2.3.6","2.3.5","2.3.4","2.3.3","2.3.2","2.3.1","2.3.0","2.2.0","2.1.3","2.1.2","2.1.1","2.1.0","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","1.11.2-alpha","1.11.1-alpha","1.11-alpha","1.10.23-alpha","1.10.22-alpha","1.10.21-alpha","1.10.20-alpha","1.10.19-alpha","1.10.18-alpha","1.10.17-alpha","1.10.16-alpha","1.10.15-alpha","1.10.14-alpha","1.10.11-alpha","1.10.10-alpha","1.10.9-alpha","1.10.8-alpha","1.10.7-alpha","1.10.6-alpha","1.10.5-alpha","1.10.4-alpha","1.10.3-alpha","1.9.12-alpha","1.9.11-alpha","1.9.10-alpha","1.9.9-alpha","1.9.8-alpha","1.9.5-alpha","1.9.6-alpha","1.9.4-alpha","1.9.3-alpha"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52393.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}]}