WordPress Plugin Vulnerabilities

FeedWordPress < 2015.0514 - XSS & SQL-Injection

Description

The FeedWordPress WordPress plugin was affected by a XSS & SQL-Injection security vulnerability.

Affects Plugins

Plugin icon
feedwordpress
Fixed in 2015.0514

References

CVE
CVE-2015-9358
CVE
CVE-2015-4018
Exploitdb
37067
URL
https://packetstormsecurity.com/files/#131974/
URL
https://seclists.org/fulldisclosure/2015/May/75

Miscellaneous

Submitter
firefart
Submitter website
https://firefart.at/
Submitter twitter
_FireFart_
Verified
No
WPVDB ID
9e2856ae-25e1-4549-b6a6-4342e47fa4e1

Timeline

Publicly Published
2015-05-19 (about 10 years ago)
Added
2015-05-19 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2015-03-17
Title
WP All Import Pro <= 4.1.1 - Multiple Vulnerabilities
Published
2019-06-15
Title
Dropshix < 4.0.14 - Arbitrary Product Import
Published
2020-01-27
Title
CarSpot < 2.2.3 - Multiple Vulnerabilities
Published
2014-08-01
Title
Pay With Tweet <= 1.1 - Multiple Vulnerabilities
Published
2014-10-01
Title
Refraction Theme Multiple Vulnerabilities (XSS, FPD)