VYPR

Rss Aggregator By Feedzy

by Themeisle

Source repositories

CVEs (8)

  • CVE-2024-1317HigFeb 29, 2024
    risk 0.50cvss 8.8epss 0.01

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘search_key’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied…

  • CVE-2023-6801MedJan 6, 2024
    risk 0.42cvss 6.4epss 0.00

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output…

  • CVE-2023-6805MedApr 17, 2024
    risk 0.35cvss 6.4epss 0.00

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for…

  • CVE-2023-6877MedApr 7, 2024
    risk 0.35cvss 6.4epss 0.00

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.3.3 due to insufficient input sanitization…

  • CVE-2024-1318MedFeb 29, 2024
    risk 0.35cvss 6.5epss 0.01

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'feedzy_wizard_step_process' and 'import_status' functions in all…

  • CVE-2023-6798MedJan 6, 2024
    risk 0.35cvss 5.4epss 0.00

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check when updating settings in all versions up to, and including, 4.3.2. This makes…

  • CVE-2024-1092MedFeb 5, 2024
    risk 0.28cvss 4.3epss 0.00

    The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and including, 4.4.1. This…

  • CVE-2020-36758MedOct 20, 2023
    risk 0.21cvss 4.3epss 0.00

    The RSS Aggregator by Feedzy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.2. This is due to missing or incorrect nonce validation on the save_feedzy_post_type_meta() function. This makes it possible for unauthenticated…