RSS   Vulnerabilities for 'Flickrrss'   RSS

2018-02-06
 
CVE-2018-6469

CWE-79
 
 
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_tags parameter to wp-admin/options-general.php.

 
 
CVE-2018-6468

CWE-79
 
 
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_id parameter to wp-admin/options-general.php.

 
 
CVE-2018-6467

CWE-352
 
 
The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options-general.php.

 
 
CVE-2018-6466

CWE-79
 
 
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_set parameter to wp-admin/options-general.php.

 

Copyright 2024, cxsecurity.com

 

Back to Top