Vendor
A critical vulnerability, CVE-2026-13001, in the Podlove Podcast Publisher plugin for WordPress, impacting versions up to and including 4.5.1, allows unauthenticated attackers to upload arbitrary files due to missing file type validation, potentially leading to remote code execution on the server.