Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/08/25 5:32 a.m.4 views

CVE-2025-7828

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS6.8AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2025/08/23 5:15 a.m.5 views

CVE-2025-7828

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/23 4:25 a.m.8 views

CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS0.00188EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/23 4:25 a.m.1 views

CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS6AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2025/08/23 4:25 a.m.18 views

CVE-2025-7828

CVE-2025-7828 affects the WordPress plugin WP Filter & Combine RSS Feeds (versions up to 0.4). Root cause: missing capability check in post_listing_page(), allowing authenticated attackers with Contributor-level access and above to delete feeds (unauthorized modification of data). Public details ...

4.3CVSS6.4AI score0.00188EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/23 12:0 a.m.5 views

PT-2025-34510 · WordPress · Wp Filter & Combine Rss Feeds

Name of the Vulnerable Software and Affected Versions: WP Filter & Combine RSS Feeds plugin for WordPress versions up to and including 0.4 Description: The WP Filter & Combine RSS Feeds plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check...

4.3CVSS6.3AI score0.00188EPSS
Exploits0References6
Rows per page
Query Builder