14 matches found
WordPress Taeggie Feed Cross-Site Scripting Vulnerability
WordPress Taeggie Feed is a plugin on WordPress that is mainly used to integrate social media content into a website, supporting dynamic syndication on platforms like Facebook, Instagram, Twitter and LinkedIn. WordPress Taeggie Feed suffers from a cross-site scripting vulnerability that originate...
CVE-2025-6382
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render method takes the user-supplied name attribute and injects it directly into a...
CVE-2025-6382
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render method takes the user-supplied name attribute and injects it directly into a tag - both in the id attribute...
CVE-2025-6382 Taeggie Feed <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via name Attribute
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render method takes the user-supplied name attribute and injects it directly into a tag - both in the id attribute...
CVE-2025-6382 Taeggie Feed <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via name Attribute
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render method takes the user-supplied name attribute and injects it directly into a tag - both in the id attribute...
CVE-2025-6382
CVE-2025-6382 — Taeggie Feed (WordPress) Stored XSS in plugin versions up to 0.1.10. The render() function injects user-supplied data from the name attribute directly into a [removed] tag, including the id and within jQuery.getScript(), without proper escaping. This enables authenticated attacker...
PT-2025-30647 · WordPress · Taeggie Feed
Name of the Vulnerable Software and Affected Versions: Taeggie Feed plugin for WordPress versions up to and including 0.1.10 Description: The Taeggie Feed plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s taeggie-feed shortcode. The render method incorporates...
WordPress plugin Taeggie Feed 跨站脚本漏洞
WordPress Taeggie Feed is a plugin on WordPress that is mainly used to integrate social media content into a website, supporting dynamic syndication on platforms like Facebook, Instagram, Twitter and LinkedIn. WordPress Taeggie Feed suffers from a cross-site scripting vulnerability that originate...
CVE-2024-11748
CVE-2024-11748 : The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s taeggie-feed shortcode in versions up to 0.1.9 due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires Contributor+ privileges...
CVE-2024-11748 Taeggie Feed <= 0.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11748 Taeggie Feed <= 0.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress plugin Taeggie Feed 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...
PT-2024-17228 · WordPress · Taeggie Feed
Name of the Vulnerable Software and Affected Versions: Taeggie Feed plugin for WordPress versions up to, and including, 0.1.9 Description: The issue is related to stored cross-site scripting via the plugin's 'taeggie-feed' shortcode due to insufficient input sanitization and output escaping on...
WordPress Taeggie Feed plugin <= 0.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin Taeggie Feed versions = 0.1.9...