CVE-2026-13001

eteubert · Podlove Podcast Publisher

The Podlove Podcast Publisher plugin for WordPress contains an arbitrary file upload vulnerability allowing unauthenticated attackers to achieve remote code execution.

Executive summary

An arbitrary file upload vulnerability in the Podlove Podcast Publisher plugin for WordPress allows unauthenticated remote attackers to execute arbitrary code on the host server.

Vulnerability

The vulnerability exists in the podlove_handle_cache_files function, which lacks adequate file type validation. This allows an unauthenticated attacker to upload malicious files to the server, potentially leading to remote code execution.

Business impact

Successful exploitation leads to full server compromise, resulting in potential data theft, site defacement, and the deployment of malicious payloads. With a CVSS score of 9.8, this vulnerability is critical and poses a significant risk to the integrity and availability of the affected WordPress environment.

Remediation

Immediate Action: Update the Podlove Podcast Publisher plugin to version 4.5.2 or later immediately.

Proactive Monitoring: Scan the WordPress directory for suspicious file uploads or unexpected executable scripts, particularly in cache or upload folders.

Compensating Controls: Implement a Web Application Firewall (WAF) to block unauthorized file upload requests and restrict directory execution permissions for the uploads folder.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the ease of exploitation and the severity of the potential impact, administrators must update the plugin immediately. Failure to patch leaves the server vulnerable to complete takeover by remote, unauthenticated actors.