Wprssaggregator Wp_rss_aggregator

5 CVEs affecting Wprssaggregator Wp_rss_aggregator. Latest disclosed: 2024-02-07. Critical: 0, High: 0.

Top CVEs affecting Wprssaggregator Wp_rss_aggregator
CVESeverityScorePublishedSummary
CVE-2022-0189Medium6.12022-02-28The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputt…
CVE-2021-24988Medium5.42021-12-27The WP RSS Aggregator WordPress plugin before 4.19.3 does not sanitise and escape data before outputting it in the System Info admin dashboard, which could lea…
CVE-2021-24768Medium4.82021-11-29The WP RSS Aggregator WordPress plugin before 4.19.2 does not properly sanitise and escape the URL to Blacklist field, allowing malicious HTML to be inserted b…
CVE-2024-0630Medium4.42024-02-05The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the RSS feed source in all versions up to, and including, 4.23.4 du…
CVE-2024-0628Low3.82024-02-07The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.23.5 via the RSS feed source in…