CVE-2025-0554: Medium Vulnerability in Podlove Podcast Publisher

The Podlove Podcast Publisher plugin for WordPress has a medium-severity stored cross-site scripting vulnerability. This affects multi-site installations and requires administrator-level access to exploit. Immediate remediation is necessary to prevent potential attacks.

MEDIUM · CVSS 4.4 · Published January 18, 2025

The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

The vulnerability has a CVSS score of 4.4, indicating medium severity. The attack vector is network-based, which suggests that it could be exploited remotely. The complexity of the attack is high, and it requires elevated privileges, specifically administrator-level access, to execute the attack. Given the nature of the vulnerability, organizations using this plugin should prioritize patching to mitigate risks.

Risk to organizations includes potential unauthorized access to sensitive data and the ability for attackers to manipulate content on affected pages. Given the potential impact on user trust and the integrity of the website, organizations should address this vulnerability in their patch cycle as a priority.

No public exploit has been confirmed, and the vulnerability is not currently known to be actively exploited in the wild. However, the complexity and required access level mean that it could still pose a significant risk if left unaddressed.

Vulnerability Details

The vulnerability is classified under CWE-79, indicating a stored cross-site scripting issue. The Podlove Podcast Publisher plugin allows attackers with administrator-level access to inject scripts that can execute in the context of users visiting the affected pages. The vulnerability was published on January 18, 2025, and remains relevant for installations that have not updated to version 4.2.0 or later.

Technical Analysis

The root cause of this vulnerability lies in inadequate input sanitization and output escaping for user inputs, specifically in the Feed Name field. Attackers may leverage this weakness by crafting malicious payloads that, once injected, can execute JavaScript code in the browser of an unsuspecting user. Since the attack complexity is rated as high, it may require specific conditions to be met, such as having administrator access, making it less likely to be exploited by opportunistic attackers.

Risk & Impact Analysis

The real-world deployment risk is significant, especially for organizations that host multi-site WordPress installations. The potential for unauthorized script execution could lead to compromised user sessions, data theft, or the defacement of web pages. This vulnerability can affect user trust and cause reputational damage if exploited. Organizations should assess their exposure and prioritize remediation based on the severity and potential impact on their operations.

Exploitation Status

Signal: Status
Known Exploit: No
Public PoC: No
Actively Exploited: No
Ransomware Use: No

Affected Versions

The affected product is the Podlove Podcast Publisher plugin for WordPress, specifically versions up to and including 4.1.25. Users should upgrade to version 4.2.0 or later to mitigate this vulnerability.

Mitigation & Remediation

Organizations should prioritize patching immediately. Upgrading to version 4.2.0 or later of the Podlove Podcast Publisher plugin will remediate this vulnerability. In the absence of an immediate upgrade, disabling the plugin or enforcing strict content security policies can help mitigate risk temporarily. Additionally, organizations should implement regular security assessments to identify and rectify vulnerabilities in their systems.

Detection Guidance

Monitoring logs for unusual activity related to the Feed Name value can provide indicators of attempted attacks. Additionally, organizations should track user permissions and access patterns to detect potential exploitation of this vulnerability.
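One way to act on this is to audit the Feed Name values already stored on a site, since a feed name is a plain-text label and should contain no markup at all. The following is an added example, not code from the advisory or from the plugin; it assumes the feed names have been exported as (feed id, feed name) pairs, and the sample rows, function names and class name are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Elements that execute script or load active content by themselves.
ACTIVE_TAGS = {"script", "iframe", "object", "embed", "svg", "math",
               "base", "meta", "link", "style"}

# Constructed sample rows (feed id, stored Feed Name); not real site data.
SAMPLE_FEEDS = [
    (1, "MP3 Feed"),
    (2, "Opus & AAC <high quality>"),
    (3, 'Weekly <img src="x" onerror="x()">'),
    (4, "Archive <script>document.title='x'</script>"),
]

class MarkupFinder(HTMLParser):
    """Records every element and script-capable attribute in a value."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.risky = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag in ACTIVE_TAGS:
            self.risky.append(f"<{tag}>")
        for name, value in attrs:
            if name.startswith("on"):  # inline event handler attribute
                self.risky.append(f"{tag}@{name}")
            elif (value or "").strip().lower().startswith("javascript:"):
                self.risky.append(f"{tag}@{name}=javascript:")

def audit_feed_name(name):
    """Classify one value: 'clean', 'review' (markup) or 'script'."""
    finder = MarkupFinder()
    finder.feed(name)
    finder.close()
    if finder.risky:
        return "script", finder.risky
    # Fallback regex catches tag-like text the parser left as plain data.
    if finder.tags or re.search(r"<[A-Za-z!/?]", name):
        return "review", [f"<{t}>" for t in finder.tags]
    return "clean", []

def audit(rows):
    """Return {feed_id: (status, findings)} for every non-clean row."""
    results = {fid: audit_feed_name(name) for fid, name in rows}
    return {fid: r for fid, r in results.items() if r[0] != "clean"}
```

Rows reported as "script" warrant immediate cleanup and a review of which administrator account last edited the feed; rows reported as "review" contain markup-like text that may be harmless but should not be rendered unescaped.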

AppSecure Threat Intelligence Insight

The Podlove Podcast Publisher vulnerability reflects a broader trend of plugin vulnerabilities in WordPress. Security teams should prioritize continuous security testing in their development cycles. For more insights on vulnerability management, organizations can explore our vulnerability management program and consider adopting a rigorous penetration testing methodology to ensure ongoing security resilience against emerging threats. Finally, organizations may benefit from exploring our web application penetration testing best practices to further enhance their security posture.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
