6 matches found
CVE-2025-7828
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-7828
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-7828
CVE-2025-7828 affects the WordPress plugin WP Filter & Combine RSS Feeds (versions up to 0.4). Root cause: missing capability check in post_listing_page(), allowing authenticated attackers with Contributor-level access and above to delete feeds (unauthorized modification of data). Public details ...
PT-2025-34510 · WordPress · Wp Filter & Combine Rss Feeds
Name of the Vulnerable Software and Affected Versions: WP Filter & Combine RSS Feeds plugin for WordPress versions up to and including 0.4 Description: The WP Filter & Combine RSS Feeds plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check...