PT-2024-37752 · WordPress · The Rss Aggregator

Name of the Vulnerable Software and Affected Versions: The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress versions up to, and including, 4.23.11 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify dat...

Cross Site Scripting in extension "gkh RSS Import" (gkh_rss_import)

The extension fails to properly encode user input for output in HTML context...

Dotclear 2.9.1 SSRF / XSPA

Dotclear 2.9.1 SSRF/XSPA Vulnerability + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1 previous version might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description Dotclear has a feature to import blog content through RSS...