Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:18 a.m.7 views

CVE-2024-1317

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘searchkey’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied parameter and lack of...

8.8CVSS7.2AI score0.00714EPSS
Exploits0References1
Circl
Circl
added 2024/03/03 10:16 a.m.5 views

CVE-2024-1317

creationtimestamp| type| source ---|---|--- 2024-03-03 10:16:44+00:00| seen| https://t.me/ctinow/198647...

8.8CVSS8.2AI score0.00714EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.28 views

CVE-2024-1317 RSS Aggregator by Feedzy <= 4.4.2 - Authenticated(Contributor+) SQL Injection

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘searchkey’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied parameter and lack of...

8.8CVSS8.9AI score0.00714EPSS
Exploits0References3
CVE
CVE
added 2024/02/20 6:56 p.m.92 views

CVE-2024-1317

The CVE-2024-1317 vulnerability affects the WordPress plugin RSS Aggregator by Feedzy (slug feedzy-rss-feeds). A SQL Injection exists in the search_key parameter for versions up to 4.4.2 due to insufficient escaping and improper use of prepare in a LIKE clause, allowing authenticated attackers wi...

8.8CVSS8.6AI score0.00714EPSS
Exploits0References3Affected Software1
Wordfence Blog
Wordfence Blog
added 2024/02/20 3:4 p.m.21 views

SQL Injection Vulnerability Patched in RSS Aggregator by Feedzy WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 1st, 2024, during our second Bug Bounty...

6.5CVSS7.8AI score0.00714EPSS
Exploits0
Patchstack
Patchstack
added 2024/02/12 12:0 a.m.14 views

WordPress RSS Aggregator by Feedzy Plugin <= 4.4.2 is vulnerable to SQL Injection

Software RSS Aggregator by Feedzy Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1317 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID a5aca4f5509d Credits Lucio Sá Required privilege Contributor...

8.8CVSS6.8AI score0.00714EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder