Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell. id: CVE-2023-4521 info: name: Import XML and RSS Feeds 2.1.5 - Unauthenticated RCE author: princechaddha severity: critical description: The Import XML and RS...

Server-side Request Forgery (SSRF)

Overview phanan/koel is a personal audio streaming service. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the processing of unvalidated enclosure URLs in podcast episode feeds. An attacker can access sensitive internal resources and exfiltrate data by...

CVE-2026-44658

Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item links inside the feed are not subject to the same restriction. The provider maps each RSS/Atom item link into item.url, filters only for presence and...

CVE-2025-11128

CVE-2025-11128 (Feedzy RSS Feeds Lite) is an SSRF vulnerability in the RSS Aggregator by Feedzy plugin for WordPress. The flaw affects all versions up to 5.1.0 and is exploitable by authenticated attackers with Subscriber+ privileges via the feedzy_sanitize_feeds function, enabling web requests f...

EUVD-2009-0132

Malware in sbrugna...

EUVD-2007-1672

Malware in sbrugna...

EUVD-2016-5048

Malware in sbrugna...

EUVD-2005-4518

Malware in sbrugna...

EUVD-2005-3813

Malware in sbrugna...

EUVD-2014-5133

Malware in sbrugna...

EUVD-2011-0270

Malware in sbrugna...

EUVD-2006-4648

Malware in sbrugna...

EUVD-2012-1966

Malware in sbrugna...

EUVD-2025-26126

Malicious code in bioql PyPI...

EUVD-2025-12525

Malicious code in bioql PyPI...

EUVD-2023-26853

Malicious code in bioql PyPI...

EUVD-2024-44832

Malicious code in bioql PyPI...

EUVD-2024-29188

Malicious code in bioql PyPI...

EUVD-2023-27033

Malicious code in bioql PyPI...

EUVD-2025-7975

Malicious code in bioql PyPI...