3 matches found
CVE-2023-6877
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 4.3.3 due to insufficient input sanitization and output escaping on...
WordPress RSS Aggregator by Feedzy Plugin <= 4.3.3 is vulnerable to Cross Site Scripting (XSS)
Software RSS Aggregator by Feedzy Type Plugin Vulnerable versions = 4.3.3 Fixed in 4.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6877 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ab61b311f70c Credits Colin Xu Requir...
CVE-2023-6877
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 4.3.3 due to insufficient input sanitization and output escaping on...