VYPR

Taeggie Feed

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-11748MedDec 18, 2024
    risk 0.42cvss 6.4epss 0.00

    The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible…

  • CVE-2025-6382MedJul 24, 2025
    risk 0.35cvss 6.4epss 0.00

    The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render() method takes the user-supplied name attribute and injects it directly into a …