Themeisle

Rss Aggregator By Feedzy

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2025-11467

  • EPSS 0.06%
  • Veröffentlicht 11.12.2025 01:55:32
  • Zuletzt bearbeitet 12.12.2025 15:18:13

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 5.1.1 via the feedzy_lazy_load function. Th...

5

CVE-2025-11128

  • EPSS 0.06%
  • Veröffentlicht 23.10.2025 12:32:32
  • Zuletzt bearbeitet 27.10.2025 13:20:33

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.1.0 via the 'feedzy_sanitize_feeds' function. T...

6.4

CVE-2023-6805

  • EPSS 0.28%
  • Veröffentlicht 17.04.2024 13:15:08
  • Zuletzt bearbeitet 14.01.2025 20:36:23

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. Thi...

5.4

CVE-2023-6877

  • EPSS 0.66%
  • Veröffentlicht 07.04.2024 02:15:07
  • Zuletzt bearbeitet 14.01.2025 20:36:35

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.3.3 due to insuff...

8.8

CVE-2024-1317

  • EPSS 0.43%
  • Veröffentlicht 29.02.2024 01:43:47
  • Zuletzt bearbeitet 31.12.2024 16:57:11

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘search_key’ parameter in all versions up to, and including, 4.4.2 due to insufficient escapi...

6.5

CVE-2024-1318

  • EPSS 0.17%
  • Veröffentlicht 29.02.2024 01:43:47
  • Zuletzt bearbeitet 31.12.2024 16:56:50

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'feedzy_wizard_step_process' and 'import...

4.3

CVE-2024-1092

  • EPSS 0.12%
  • Veröffentlicht 05.02.2024 22:16:07
  • Zuletzt bearbeitet 21.11.2024 08:49:46

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and...

5.4

CVE-2023-6801

  • EPSS 0.08%
  • Veröffentlicht 06.01.2024 10:15:46
  • Zuletzt bearbeitet 21.11.2024 08:44:35

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.2 due to insufficient inpu...

5.4

CVE-2023-6798

  • EPSS 0.08%
  • Veröffentlicht 06.01.2024 10:15:45
  • Zuletzt bearbeitet 21.11.2024 08:44:34

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check when updating settings in all versions up to, and in...

4.3

CVE-2020-36758

Exploit
  • EPSS 0.14%
  • Veröffentlicht 20.10.2023 08:15:11
  • Zuletzt bearbeitet 21.11.2024 05:30:14

The RSS Aggregator by Feedzy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.2. This is due to missing or incorrect nonce validation on the save_feedzy_post_type_meta() function. This makes it po...