CVE-2025-11917 WPeMatico RSS Feed Fetcher <= 2.8.11 - Authenticated (Subscriber+) Server-Side Request Forgery via wpematico_test_feed

The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.11 via the wpematicotestfeed function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to...

CVE-2021-4409

The WooCommerce Etsy Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the etcpfdeletefeed function. This makes it possible for unauthenticated attackers to delete an export...

CVE-2022-41427

Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux...

CVE-2022-41427

Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux...

CVE-2022-41427

CVE-2022-41427 relates to Bento4 v1.6.0-639, where a memory leak is present in the AP4_AvcFrameParser::Feed function within the mp4mux component. The issue is documented across multiple sources (e.g., NVD, OSV, Red Hat, Ubuntu/Nessus references) and is identified as a memory leak vulnerability fo...

PT-2022-25861 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A memory leak was discovered in the AP4 AvcFrameParser::Feed function in mp4mux. Recommendations: For Bento4 version 1.6.0-639, consider updating to a newer version that contains a fix for this issue,...

CVE-2020-26668

A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function...