Vulnerabilities and security researches forfat-rat-collect fat-rat-collect

Nov 14, 2024

CVE, Research URL: CVE-2024-10577
Home page URL: Security reports for 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Application: 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Date: Nov 13, 2024
Research Description: The ????(Fat Rat Collect) ????????????????, ??????????????????????????? plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to missing escaping on a URL in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: max 2.7.3.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-35045
Home page URL: Security reports for 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Application: 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Date: Jun 14, 2024
Research Description: Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This issue affects Fat Rat Collect: from n/a through 2.6.7.
Affected versions: max 2.6.1.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: 2c55c66925e9c17345ddab1241d1fa42eaeee7bb
Home page URL: Security reports for 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Application: 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标?
Date: -
Research Description: 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标签、等多项功能。开源插件 [fat-rat-collect] < 2.6.1 WordPress Fat Rat Collect Plugin <= 2.6.1 is vulnerable to Broken Access Control No patched version is available. The WordPress plugins review team was notified on 2023 May 11. Abdi Pranata discovered and reported this Broken Access Control vulnerability in WordPress Fat Rat Collect Plugin. This vulnerability has not been known to be fixed yet.
Affected versions: max 2.6.1.
Status: vulnerable