cleantalk
Vulnerabilities and Security Researches

RSS Feed Widget, f00d10380c1fb212aa5ee7f7df59914d26977c0b

CVE, Research URL

f00d10380c1fb212aa5ee7f7df59914d26977c0b

Home page URL

Security reports for RSS Feed Widget

Application

RSS Feed Widget

Published on
Aug 26, 2020
Research Description
RSS Feed Widget [rss-feed-widget] < 2.8.1 WordPress RSS Feed Widget plugin <= 2.8.0 - Authenticated Cross-Site Scripting (XSS) vulnerability Authenticated Cross-Site Scripting (XSS) vulnerability found by zerodetail & ratherbland in WordPress RSS Feed Widget plugin (versions <= 2.8.0).
Affected versions
max 2.8.1.
Status
vulnerable
Previous vulnerability researches
RSS Feed Widget (CVE-2024-9835) , Nov 13, 2024
RSS Feed Widget (CVE-2024-9836) , Nov 13, 2024
RSS Feed Widget (f00d10380c1fb212aa5ee7f7df59914d26977c0b) , Jun 16, 2026
RSS Feed Widget (CVE-2024-10057) , Oct 20, 2024
RSS Feed Widget (CVE-2025-69349) , Jan 09, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026