104 matches found
CVE-2023-45003 WordPress Social Feed Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Arrow Plugins Social Feed | Custom Feed for Social Media Networks plugin = 2.2.0 versions...
WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)
Software The Awesome Feed – Custom Feed Type Plugin Vulnerable versions = 2.2.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46077 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bf6946983fa1 Credits Nguy...
CVE-2023-44264
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin = 2.2.5 versions...
CVE-2023-44264 WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin = 2.2.5 versions...
CVE-2023-44264
CVE-2023-44264 is a stored XSS vulnerability in the WordPress plugin “The Awesome Feed – Custom Feed” (aka wp-facebook-feed) affecting versions
CVE-2023-25042
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Liam Gladdy Storm Consultancy oAuth Twitter Feed for Developers plugin = 2.3.0 versions...
CVE-2023-24412
CVE-2023-24412 describes a stored XSS vulnerability in the Web-Settler Image Social Feed WordPress plugin up to version 1.7.6, requiring admin+ authentication to exploit. The issue is associated with the Image Social Feed/“add-instagram” plugin and is documented across multiple sources (NVD/Red H...
CVE-2023-23804
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2023-23804 WordPress HT Feed Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2023-22691
Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin = v2.1 versions...
PT-2022-13037 · WordPress · Mitsol Social Post Feed
Name of the Vulnerable Software and Affected Versions: Mitsol Social Post Feed WordPress plugin versions prior to 1.11 Description: The issue allows high privilege users, such as admins, to perform cross-Site Scripting attacks. This is possible because some settings are not properly escaped befor...
WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability found in WordPress Social LikeBox & Feed plugin versions = 2.8.4. Solution Update the WordPress Social LikeBox & Feed plugin to the latest available version at least 2.8.5...
CVE-2018-10301
Cross-site scripting XSS vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post...
CVE-2017-16758
Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...
CVE-2016-4885
Cross-site request forgery CSRF vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery
------------------------------------------------------------------------ Persistent Cross-Site Scripting in Instagram Feed plugin via CSRF ------------------------------------------------------------------------ Sipke Mellema, July 2016...
BaserCMS Cross-Site Request Forgery Vulnerability (CNVD-2016-08864)
baserCMS is an enterprise-level content management system CMS. A cross-site request forgery vulnerability exists in baserCMS 3.0.10 and prior versions. The vulnerability can be exploited by an attacker to perform unauthorized operations on the server when the Feed plugin is enabled and a user...
baserCMS plugin Feed vulnerable to cross-site request forgery
Overview baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugin Feed contain a cross-site request forgery vulnerability. Masamu Asato of National Institute of Technology, Okinawa College reported this vulnerability to IPA. JPCERT/CC...
WordPress WP Feed Plugin <= 2015.0426 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update this plugin...
WordPress feed plugin Sql Injection
The WordPress feed plugin suffers from a Sql Injection vulnerability. Iranian Exploit DataBase http://exploit.iedb.ir Exploit Title : WordPress feed plugin Sql Injection Author : Iranian Exploit DataBase Discovered By : IeDb Email : [email protected] Home : http://exploit.iedb.ir Software Link ...