CVE-2025-70336 – PodcastGenerator Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-70336

Published : Jan. 28, 2026, 4:16 p.m. | 51 minutes ago

Description : A Stored cross-site scripting (XSS) vulnerability in ‘Create New Live Item’ in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the ‘TITLE’, ‘SHORT DESCRIPTION’ and ‘LONG DESCRIPTION’ parameters. The saved payload gets executed on ‘View All Live Items’ and ‘Live Stream’ pages.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…