WordPress plugin Featured Image from URL SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

CVE-2022-2278

The Featured Image from URL FIFU WordPress plugin before 4.0.1 does not validate, sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2024-37276

CVE-2024-37276 concerns the WordPress plugin Featured Image from URL (FIFU). Public records show a Missing Authorization vulnerability allowing exploitation of incorrectly configured access control security levels in the FIFU component that handles Featured Image from URL. Affected versions are l...

PT-2022-15412 · WordPress · Featured Image From Url

Name of the Vulnerable Software and Affected Versions: Featured Image from URL FIFU WordPress plugin versions prior to 4.0.1 Description: The issue is related to the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...