Filtered by vendor Feedwordpress Project Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-25055 1 Feedwordpress Project 1 Feedwordpress 2024-11-21 6.1 Medium
The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter.
CVE-2015-9358 1 Feedwordpress Project 1 Feedwordpress 2024-11-21 N/A
The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVE-2015-4018 1 Feedwordpress Project 1 Feedwordpress 2024-11-21 N/A
SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to wp-admin/admin.php.