EUVD-2018-12739

Malware in sbrugna...

WP eBay Product Feeds < 1.2 - Cross-Site Scripting via rss_url Parameter

The WP eBay Product Feeds WordPress plugin was affected by a Cross-Site Scripting via rssurl Parameter security vulnerability. PoC http://localhost/wordpress/wp-content/plugins/ebay–feeds–for–wordpress/magpie/scripts/magpieslashbox.php?rssurl=%3Cscript%3Ealert%281%29%3C/script%3E...

CVE-2005-3955

Multiple cross-site scripting XSS vulnerabilities in MagpieRSS 7.1, as used in a blogBuddiesv 0.3, b Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and 2 rssurl parameter to b magpieslashbox.php a...