VYPR
Vendor

Rachelos

Products
2
CVEs
4
Across products
6
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-13174MedNov 14, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument web_hook_url can lead to…

  • CVE-2026-2216MedFeb 9, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function download_export_file of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been…

  • CVE-2026-2215LowFeb 9, 2026
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack…

  • CVE-2026-2825LowFeb 20, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in rachelos WeRSS we-mp-rss up to 1.4.8. This impacts the function fix_html of the file tools/fix.py of the component Article Module. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has…