Cross site scripting

The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting XSS within the "visibility" parameter...

WordPress plugin FeedWordPress 跨站脚本漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A security vulnerability exists in previous versions of the WordPress plugin FeedWordPress 2022.0123, which stems from a lack of effective filtering and escaping of the "visibility" parameter. No detail...

FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS)

The plugin is affected by a Reflected Cross-Site Scripting XSS within the "visibility" parameter. https://example.com/wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D2+onerror%3Dalert%28origin%29%3E...

WordPress FeedWordPress plugin <= 2021.0713 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Hung Chien in WordPress FeedWordPress plugin versions = 2021.0713. Solution Update the WordPress FeedWordPress plugin to the latest available version at least 2022.0123...