Fahadmahmood Rss_feed_widget
2 CVEs affecting Fahadmahmood Rss_feed_widget. Latest disclosed: 2024-11-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10057 | Medium | 6.4 | 2024-10-18 | The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and… |
CVE-2024-9835 | Medium | 4.8 | 2024-11-12 | The RSS Feed Widget WordPress plugin before 3.0.1 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could… |