Lucene search
K

134 matches found

Patchstack
Patchstack
added 2025/09/26 10:5 a.m.7 views

WordPress Silencesoft RSS Reader Plugin <= 0.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Silencesoft RSS Reader versions = 0.6...

6.2AI score0.00226EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/09/26 10:4 a.m.5 views

WordPress Silencesoft RSS Reader Plugin <= 0.6 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Silencesoft RSS Reader versions = 0.6...

5.4CVSS6.7AI score0.00159EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/09/26 8:32 a.m.10 views

CVE-2025-60181 WordPress Silencesoft RSS Reader Plugin <= 0.6 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in silence Silencesoft RSS Reader external-rss-reader allows Server Side Request Forgery.This issue affects Silencesoft RSS Reader: from n/a through = 0.6...

5.4CVSS0.00159EPSS
Exploits0References1
CVE
CVE
added 2025/09/26 8:32 a.m.12 views

CVE-2025-60181

CVE-2025-60181 is a Server-Side Request Forgery (SSRF) in Silencesoft RSS Reader (WordPress plugin Silencesoft RSS Reader, &lt;=0.6). Public details in the initial document indicate an SSRF vulnerability with a CVSS v3.1 vector of AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N and a base score of 5.4 (Mediu...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.4 views

WordPress plugin Silencesoft RSS Reader 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

5.4CVSS6.8AI score0.00159EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.6 views

PT-2025-39617

Name of the Vulnerable Software and Affected Versions Silencesoft RSS Reader versions through 0.6 Description A Server-Side Request Forgery SSRF issue exists in Silencesoft RSS Reader. This allows for Server Side Request Forgery. Recommendations At the moment, there is no information about a newe...

5.4CVSS6.4AI score0.00159EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/23 12:0 a.m.1 views

WordPress plugin Silencesoft RSS Reader 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

4.3CVSS6.3AI score0.00124EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/23 12:0 a.m.4 views

PT-2025-34513 · WordPress · Silencesoft Rss Reader

Name of the Vulnerable Software and Affected Versions: Silencesoft RSS Reader plugin for WordPress versions prior to 0.7 Description: The Silencesoft RSS Reader plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the sil rss edit page...

4.3CVSS6.4AI score0.00124EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.3 views

Agorum core open 安全漏洞

Agorum core open is an enterprise content management system from Agorum Germany. A security vulnerability exists in Agorum core open versions prior to 11.9.2 and prior to 11.10.1, which stems from improper handling of RSSReader endpoints and could lead to an attack by an XML external entity...

6.5CVSS6.5AI score0.00222EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.6 views

CVE-2021-20752

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.6AI score0.00788EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 a.m.7 views

CVE-2019-6031

Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader...

6.1CVSS6.5AI score0.00781EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/02 12:0 a.m.11 views

IkaIka RSS Reader Cross-Site Scripting Vulnerability

IkaIka RSS Reader is an online RSS reader. A cross-site scripting vulnerability exists in IkaIka RSS Reader that stems from insufficient filtering of user-supplied data in RSS feeds. A remote attacker could trick a victim into visiting a specially crafted link in a vulnerable website and execute...

6.1CVSS6.5AI score0.00788EPSS
Exploits0References1
NVD
NVD
added 2021/07/01 6:15 a.m.25 views

CVE-2021-20752

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00788EPSS
Exploits0References1
Prion
Prion
added 2021/07/01 6:15 a.m.16 views

Cross site scripting

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6AI score0.00788EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/01 5:45 a.m.21 views

CVE-2021-20752

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00788EPSS
Exploits0References1
CVE
CVE
added 2021/07/01 5:45 a.m.114 views

CVE-2021-20752

CVE-2021-20752 is a cross-site scripting vulnerability affecting IkaIka RSS Reader (all versions). The issue arises from insufficient filtering of user-supplied data in RSS feeds, allowing a remote attacker to cause arbitrary script execution in the victim’s browser when a vulnerable feed is proc...

6.1CVSS6AI score0.00788EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.2 views

IkaIka RSS Reader 跨站脚本漏洞

IkaIka RSS Reader is an online RSS reader. A cross-site scripting vulnerability exists in IkaIka RSS Reader that stems from insufficient filtering of user-supplied data in RSS feeds. A remote attacker could trick a victim into visiting a specially crafted link in a vulnerable website and execute...

6.1CVSS5.6AI score0.00788EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/30 12:0 a.m.36 views

JVN#15185184: IkaIka RSS Reader vulnerable to cross-site scripting

IkaIka RSS Reader contains a cross-site scripting vulnerability CWE-79, due to the improper processing of RSS registration. Impact If a malicious RSS feed is loaded into the product, an arbitrary script may be executed on the web browser where the product is running. Solution Do not use IkaIka RS...

6.1CVSS6.1AI score0.00788EPSS
Exploits0
Gitee
Gitee
added 2021/03/06 4:46 p.m.3 views

thorn-linux

This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...

6.7AI score
Exploits0
NVD
NVD
added 2019/12/26 4:15 p.m.18 views

CVE-2019-6031

Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader...

6.1CVSS6.2AI score0.00781EPSS
Exploits0References2
Rows per page
Query Builder