⚠️ Make sure your Podlove Publisher is updated to v4.2.7 (published September 20). It fixes an exploit (published September 22) that is actively being used to upload malicious code to WordPress instances.

CVE: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/podlove-podcasting-plugin-for-wordpress/podlove-podcast-publisher-426-unauthenticated-arbitrary-file-upload