cleantalk
Vulnerabilities and Security Researches

RSS Feed Widget, CVE-2024-32690

CVE, Research URL

CVE-2024-32690

Home page URL

Security reports for RSS Feed Widget

Application

RSS Feed Widget

Published on
Apr 22, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS.This issue affects RSS Feed Widget: from n/a through 2.9.7.
Affected versions
max 2.9.8.
Status
vulnerable
Previous vulnerability researches
RSS Feed Widget (CVE-2024-9835) , Nov 13, 2024
RSS Feed Widget (CVE-2024-9836) , Nov 13, 2024
RSS Feed Widget (CVE-2024-10057) , Oct 20, 2024
RSS Feed Widget (CVE-2025-69349) , Jan 09, 2026
RSS Feed Widget (CVE-2024-32690) , Jun 07, 2024
New vulnerability
Secure Copy Content Protection and Content Locking (CVE-2025-14442) , Jan 11, 2026
Secure Copy Content Protection and Content Locking (CVE-2025-14159) , Jan 11, 2026
VK Google Job Posting Manager (CVE-2025-68070) , Jan 11, 2026
WPCal.io – Easy Meeting Scheduler (CVE-2025-66103) , Jan 11, 2026
Calendar (CVE-2025-14548) , Jan 11, 2026