All 5 CVE vulnerabilities found in RSS Feed Widget, with AI-generated Chinese analysis, references, and POCs.
Vendor: Fahad Mahmood
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69349 | WordPress RSS Feed Widget plugin <= 3.0.2 - Broken Access Control vulnerability CWE-862 | 5.4 | Medium | 2026-01-06 |
| CVE-2024-9836 | RSS Feed Widget < 3.0.0 - Contributor+ Stored XSS | 5.4AI | MediumAI | 2024-11-12 |
| CVE-2024-9835 | RSS Feed Widget < 3.0.1 - Reflected XSS | 6.1AI | MediumAI | 2024-11-12 |
| CVE-2024-10057 | RSS Feed Widget <= 2.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via rfw-youtube-videos Shortcode CWE-79 | 6.4 | Medium | 2024-10-18 |
| CVE-2024-32690 | WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability CWE-79 | 5.9 | Medium | 2024-04-22 |
All 5 known CVE vulnerabilities affecting RSS Feed Widget with full Chinese analysis, references, and POCs where available.