CVE-2024-4860

CVE-2024-4860 affects the WordPress plugin RSS Aggregator (WP RSS Aggregator) for versions < 4.23.9. The issue is a Cross‑Site Scripting (XSS) vulnerability caused by insufficient sanitization of the notice_id GET parameter. Connected sources confirm the detail and note the specific affected r...

WordPress plugin RSS Aggregator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-33160 · WordPress · Wordpress Rss Aggregator

Name of the Vulnerable Software and Affected Versions: WordPress RSS Aggregator versions prior to 4.23.9 Description: The issue is related to a Cross-Site Scripting XSS vulnerability. This vulnerability is caused by the lack of sanitization of the notice id GET parameter. Recommendations: For...

Code injection

On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection BFD will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the devic...