26 matches found
CVE-2025-32528
CVE-2025-32528 affects the WordPress plugin iCal Feeds (MaximeValette) up to version 1.5.3. The issue is a Reflected XSS due to improper input neutralization during web page generation. Provided records (NVD/Red Hat) confirm the vulnerability, its CVE identifier, and the affected range (n/a throu...
CVE-2025-32528 WordPress iCal Feeds Plugin <= 1.5.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maximevalette iCal Feeds ical-feeds allows Reflected XSS.This issue affects iCal Feeds: from n/a through = 1.5.3...
WordPress Plugin AI Twitter Feeds 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin AI Twitter Feeds A...
CVE-2023-23722
CVE-2023-23722 affects the WordPress WP eBay Product Feeds plugin up to version 3.3.1. The flaw is an admin+ Stored XSS due to insufficient sanitisation/escaping of settings, exploitable by high-privilege administrators (requires user interaction). PatchStack and WPVulnDB confirm a fix in version...
Server side request forgery (ssrf)
Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...
WordPress Import XML and RSS Feeds plugin <= 2.0.1 - Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Import XML and RSS Feeds plugin versions = 2.0.1. Solution Update the WordPress Import XML and RSS Feeds plugin to the latest available version at least 2.0.2...