WP-Safety

Selfhost Podcasting – Create Podcasts Easily Security & Risk Analysis

wordpress.org/plugins/selfhost-podcasting

Host and publish podcast from your WordPress dashboard. Clean, lightweight, and Apple/Spotify-compliant podcasting RSS feeds.

10 active installs v1.2.2 PHP 7.4+ WP 6.0+ Updated Mar 3, 2026
feed-to-audiopodcastpodcasterpodcastingrss-feed
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Selfhost Podcasting – Create Podcasts Easily Safe to Use in 2026?

Generally Safe

Score 100/100

Selfhost Podcasting – Create Podcasts Easily has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The selfhost-podcasting v1.2.2 plugin exhibits a generally good security posture, with several positive indicators. The complete absence of known CVEs, raw SQL queries, and critical/high severity taint flows suggests a commitment to secure coding practices. The high percentage of properly escaped output and the presence of nonce and capability checks are also reassuring. However, the presence of two AJAX handlers without authentication checks represents a significant concern. While the attack surface is relatively small, these unprotected entry points could potentially be exploited if they handle user-supplied data in a way that leads to privilege escalation or other malicious actions. The lack of vulnerability history is positive but doesn't entirely mitigate the risk posed by the identified unprotected AJAX handlers. Overall, the plugin is relatively secure, but the two unprotected AJAX endpoints warrant immediate attention to avoid potential security breaches.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

Selfhost Podcasting – Create Podcasts Easily Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Selfhost Podcasting – Create Podcasts Easily Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
9
350 escaped
Nonce Checks
16
Capability Checks
6
File Operations
10
External Requests
2
Bundled Libraries
0

Output Escaping

97% escaped359 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
fetch_media_url (includes\api\class-audio.php:275)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Selfhost Podcasting – Create Podcasts Easily Attack Surface

Entry Points15
Unprotected2

AJAX Handlers 15

authwp_ajax_sh_podcasting_create_podcastadmin\inc\class-admin-ajax.php:43
authwp_ajax_sh_podcasting_delete_podcastadmin\inc\class-admin-ajax.php:44
authwp_ajax_sh_podcasting_save_podcastadmin\inc\class-admin-ajax.php:45
authwp_ajax_sh_podcasting_create_episodeadmin\inc\class-admin-ajax.php:46
authwp_ajax_sh_podcasting_delete_episodeadmin\inc\class-admin-ajax.php:47
authwp_ajax_sh_podcasting_update_integrationadmin\inc\class-admin-ajax.php:48
authwp_ajax_sh_podcasting_update_optionsadmin\inc\class-admin-ajax.php:49
authwp_ajax_sh_podcasting_fetch_episodesadmin\inc\class-admin-ajax.php:50
authwp_ajax_sh_podcasting_import_episodesadmin\inc\class-admin-ajax.php:51
authwp_ajax_sh_podcasting_save_settingsadmin\inc\class-admin-ajax.php:52
authwp_ajax_sh_podcasting_upload_mediaadmin\inc\class-admin-ajax.php:53
authwp_ajax_sh_podcasting_clear_errorsadmin\inc\class-admin-ajax.php:54
authwp_ajax_sh_podcasting_resume_jobsadmin\inc\class-admin-ajax.php:55
authwp_ajax_pp_fetch_media_urladmin\inc\class-integrations.php:39
noprivwp_ajax_pp_fetch_media_urladmin\inc\class-integrations.php:40
WordPress Hooks 18
actionadmin_menuadmin\inc\class-admin-page.php:37
filterselfhost_podcasting_insert_post_attrsadmin\inc\class-integrations.php:33
filterpodcast_player_fetch_method_classadmin\inc\class-integrations.php:35
filterpodcast_player_block_displayadmin\inc\class-integrations.php:36
filterpodcast_player_shcode_displayadmin\inc\class-integrations.php:37
filterpodcast_player_script_dataadmin\inc\class-integrations.php:38
filtersh_podcasting_item_markup_arrayadmin\inc\class-integrations.php:43
filterselfhost_podcasting_update_integration_dataadmin\inc\class-integrations.php:44
filtersh_podcasting_bg_task_upload_mediaadmin\inc\class-integrations.php:47
filtersh_podcasting_bg_task_delete_mediaadmin\inc\class-integrations.php:48
actioninitadmin\inc\class-register.php:32
filtercustom_menu_orderadmin\inc\class-register.php:33
filtermenu_orderadmin\inc\class-register.php:34
actioninitadmin\inc\class-register.php:35
filterrest_authentication_errorsadmin\inc\class-register.php:38
actiondelete_postadmin\inc\class-register.php:43
actionshutdownincludes\api\class-background-jobs.php:96
actionplugins_loadedselfhost-podcasting.php:92
Maintenance & Trust

Selfhost Podcasting – Create Podcasts Easily Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 3, 2026
PHP min version7.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Selfhost Podcasting – Create Podcasts Easily Alternatives

Podcast Player – Your Podcasting Companion

Podcast Player – Your Podcasting Companion

podcast-player

A
100

Showcase your podcast only using podcasting feed url. Use widget, shortcode or editor block to display podcast player anywhere on your site.

10K No CVEs
Captivate Sync

Captivate Sync

captivatesync-trade

A
95

Captivate Sync™ is a WordPress plugin maintained and developed by Captivate, part of the Rebel Base Media family. With our background in Podcast Websi …

1K 3 CVEs
fresh Podcaster

fresh Podcaster

fresh-podcaster

A
85

“fresh Podcaster” is a simple yet customizable plugin to embed podcasts in your posts and pages. Just add a shortcode anywhere.

10 No CVEs
Podcast Searcher by Clarify

Podcast Searcher by Clarify

podcast-searcher-by-clarify

A
85

The Clarify plugin allows you to make any audio or video embedded in your posts, pages, etc searchable via the standard WordPress search box.

10 No CVEs
PowerPress Podcasting plugin by Blubrry

PowerPress Podcasting plugin by Blubrry

powerpress

A
88

No. 1 Podcasting plugin for WordPress.

30K 19 CVEs
Developer Profile

Selfhost Podcasting – Create Podcasts Easily Developer Profile

Veda

2 plugins · 10K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Selfhost Podcasting – Create Podcasts Easily

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/selfhost-podcasting/admin/css/admin-page.css/wp-content/plugins/selfhost-podcasting/admin/js/admin-page.js/wp-content/plugins/selfhost-podcasting/admin/js/podcast-details.js/wp-content/plugins/selfhost-podcasting/admin/js/manage-podcasts.js/wp-content/plugins/selfhost-podcasting/admin/js/help-support.js
Script Paths
/wp-content/plugins/selfhost-podcasting/admin/js/admin-page.js/wp-content/plugins/selfhost-podcasting/admin/js/podcast-details.js/wp-content/plugins/selfhost-podcasting/admin/js/manage-podcasts.js/wp-content/plugins/selfhost-podcasting/admin/js/help-support.js
Version Parameters
selfhost-podcasting/admin/css/admin-page.css?ver=selfhost-podcasting/admin/js/admin-page.js?ver=selfhost-podcasting/admin/js/podcast-details.js?ver=selfhost-podcasting/admin/js/manage-podcasts.js?ver=selfhost-podcasting/admin/js/help-support.js?ver=

HTML / DOM Fingerprints

CSS Classes
selfhost-podcastingadmin-pageselfhost-podcasting-adminselfhost-podcasting-action-feedback
HTML Comments
<!-- Plugin Admin Page. --><!-- Plugin Admin Page. --><!-- Register admin actions to WP hooks. --><!-- Add admin page. -->+3 more
Data Attributes
data-page='manage-podcasts'data-page='help-support'data-page='podcast-details'
JS Globals
Sh_Podcasting
FAQ

Frequently Asked Questions about Selfhost Podcasting – Create Podcasts Easily