cleantalk
Vulnerabilities and Security Researches

WP eBay Product Feeds, CVE-2014-4525

CVE, Research URL

CVE-2014-4525

Home page URL

Security reports for WP eBay Product Feeds

Application

WP eBay Product Feeds

Published on
Dec 27, 2019
Research Description
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
Affected versions
Min -, max 3.4.
Status
vulnerable
Previous vulnerability researches
WP eBay Product Feeds (CVE-2023-23722) , Jun 07, 2024
WP eBay Product Feeds (CVE-2014-4525) , Jun 07, 2024
WP eBay Product Feeds (CVE-2025-58977) , Sep 10, 2025
New vulnerability
Redis Object Cache , Sep 17, 2025
Zakra (CVE-2025-8595) , Sep 15, 2025
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025