46 matches found
EUVD-2025-201884
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2025-13031
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2025-13031 WPeMatico RSS Feed Fetcher < 2.8.13 - Contributor+ Stored XSS
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2025-13031
The CVE-2025-13031 advisory concerns the WordPress plugin WPeMatico RSS Feed Fetcher (WPematico) prior to version 2.8.13. Public details in connected sources confirm that the flaw results from insufficient sanitization/escaping of certain settings, enablingStored Cross-Site Scripting (XSS) by hig...
CVE-2025-13031 WPeMatico RSS Feed Fetcher < 2.8.13 - Contributor+ Stored XSS
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
WordPress plugin WPeMatico RSS Feed Fetcher 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-11917
The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.11 via the wpematicotestfeed function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to...
CVE-2025-11917 WPeMatico RSS Feed Fetcher <= 2.8.11 - Authenticated (Subscriber+) Server-Side Request Forgery via wpematico_test_feed
The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.11 via the wpematicotestfeed function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to...
CVE-2025-11917
The CVE-2025-11917 entry concerns the WordPress WPeMatico RSS Feed Fetcher plugin. A Server-Side Request Forgery (SSRF) flaw exists in versions up to and including 2.8.11, exploitable via the wpematico_test_feed() function. Authenticated attackers with Subscriber-level access or higher can cause ...
WordPress plugin WPeMatico RSS Feed Fetcher 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...
CVE-2025-49922
Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.3...
EUVD-2025-35536
Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.3...
CVE-2025-49922
Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.3...
CVE-2025-49922 WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.3...
CVE-2025-49922 WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.3...
CVE-2025-49922
The CVE-2025-49922 entry concerns the WordPress WPeMatico RSS Feed Fetcher plugin (
WordPress plugin WPeMatico RSS Feed Fetcher 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2021-11705
Malware in sbrugna...
EUVD-2025-22771
Malicious code in bioql PyPI...
EUVD-2025-30697
Malicious code in bioql PyPI...