Fahadmahmood Rss_feed_widget

2 CVEs affecting Fahadmahmood Rss_feed_widget. Latest disclosed: 2024-11-12. Critical: 0, High: 0.

Top CVEs affecting Fahadmahmood Rss_feed_widget
CVESeverityScorePublishedSummary
CVE-2024-10057Medium6.42024-10-18The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and…
CVE-2024-9835Medium4.82024-11-12The RSS Feed Widget WordPress plugin before 3.0.1 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could…