Primary

Context

Blubrry PowerPress Podcasting Plugin PHP Object Injection Vulnerability

Vulnerability

Patched

A deserialization vulnerability allowing object injection has been identified in the Blubrry PowerPress Podcasting plugin, affecting versions through 11.15.10. This vulnerability could lead to various impacts, including code execution, SQL injection, path traversal, and denial of service, if exploited within a proper PHP object injection chain.

Impact

Exploitation of this vulnerability could allow for PHP object injection, potentially leading to code execution, SQL injection, path traversal, denial of service, and more, depending on the presence of a suitable object injection chain.

Remediation

Users of the Blubrry PowerPress Podcasting plugin should update to version 11.15.11 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: Mar 5, 2026, 7:58 AM

Updated: Mar 5, 2026, 7:58 AM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

4.8

remediation

7.7

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

4.8

remediation

7.7

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Blubrry PowerPress Podcasting Plugin PHP Object Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Blubrry PowerPress Podcasting

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating