CVE-2026-13001 - Podlove Podcast Publisher <= 4.5.1 - Unauthenticated Arbitrary File Upload via podlove_image_cache_url Parameter
CVE ID :CVE-2026-13001 Published : July 14, 2026, 8:16 p.m. | 17 minutes ago Description :The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'podlove_handle_cache_files' function in all versions up to, and...