20 matches found
CVE-2014-4941
Absolute path traversal vulnerability in Cross-RSS wp-cross-rss plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php...
EUVD-2014-4858
Malware in sbrugna...
CVE-2019-14327
A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings...
WordPress plugin Embed RSS security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Add RSS plugin <= 1.5 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Add RSS versions <= 1.5...
CVE-2023-23877 WordPress Pinterest RSS Widget Plugin <= 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in bkmacdaddy designs Pinterest RSS Widget plugin <= 2.3.1 versions...
WordPress RSS Redirect & Feedburner Alternative Plugin <= 3.7 is vulnerable to Broken Access Control
Software: RSS Redirect & Feedburner Alternative; Type: Plugin; Vulnerable versions: <= 3.7; Fixed in: 3.8; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-0958; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 6e5bdc6d7d15; Credits: WordFence...
evolution-rss trust management issue vulnerability
evolution-rss is an evolution plugin that enables evolution to read RSS feeds. A security vulnerability exists in GNOME evolution-rss 0.3.96 and earlier versions, which stems from the fact that network-soup.c in the program does not enable TLS certificate validation for the SoupSessionSyn...
CVE-2019-14327
The CVE-2019-14327 entry describes a CSRF vulnerability in the WordPress plugin “Custom Simple RSS” version 2.0.6, affecting the plugin’s Settings form and enabling attackers to alter plugin settings. The issue is documented in multiple sources (NVD, Red Hat, CNVD, Patchstack, WPVulnDB) with the ...
Custom Simple RSS <= 2.0.6 - CSRF
CSRF issue in the Custom Simple Rss Plugin PoC https://youtu.be/R0VrTpjaRg https://gofile.io/?c=jmVseA - CSRF html file...
WordPress Plugin "Category Specific RSS feed Subscription" vulnerable to cross-site request forgery
Overview: WordPress Plugin "Category Specific RSS feed Subscription" provided by Tips and Tricks HQ contains a cross-site request forgery vulnerability (CWE-352). Gota Abe of Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University directly reported this...
CVE-2018-6469
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSStags parameter to wp-admin/options-general.php...
Path traversal
Absolute path traversal vulnerability in Cross-RSS wp-cross-rss plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php...
miniBB RSS 2.0 Plugin Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30421/info The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
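miniBB RSS plugin remote file inclusion vulnerability
BUGTRAQ ID: 30421 CNCAN ID: CNCAN-2008073001 miniBB is a PHP-based forum program. miniBB does not properly filter user-submitted parameters, and remote attackers can exploit the vulnerability to execute arbitrary PHP code with the privileges of the web process. The RSS plugin script included with miniBB does not properly filter user-submitted web parameters; specifying an arbitrary file on a remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. Paul Puzyrev RSS 2.0 No solution is currently available: http://www.minibb.com/download.htmladdons...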
plugin Rss Remote File Inclusion Vulnerability
plugin Rss Remote File Inclusion Vulnerability. Ghost Hacker, http://gh0st10.wordpress.com, R-H team. Found by: Ghost Hacker; HomePage: real-hack.net; Email: [email protected]; Name Script: plugin Rss; Download Script:...
minibbrss-rfi.txt
plugin Rss Remote File Inclusion Vulnerability. Ghost Hacker, http://gh0st10.wordpress.com, R-H team. Found by: Ghost Hacker; HomePage: real-hack.net; Email: [email protected]; Name Script: plugin Rss; Download Script:...
MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusions
MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/30421/info The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attack...
MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/30421/info The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying...
CVE-2007-6205
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin serendipitypluginremoterss in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed...