Featured Image From Url Security Vulnerabilities and Issues — Featured Image From Url CVE List

Lucene search

FifuFeatured Image From Url

3 matches found

CVE•added 2022/08/01 1:15 p.m.•52 views

CVE-2022-2241

The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, ...

6.1CVSS6AI score0.00287EPSS

CVE•added 2024/02/29 1:43 a.m.•46 views

CVE-2024-1496

The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the fifu_input_url parameter in all versions up to, and including, 4.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with cont...

6.4CVSS6.1AI score0.00219EPSS

CVE•added 2024/01/11 9:15 a.m.•37 views

CVE-2023-6561

The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the featured image alt text in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contr...

6.4CVSS5.2AI score0.00176EPSS