Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

rebelcode — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting rebelcode. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products rebelcode:RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingSpotlight Social Media Feeds
CVE IDTitleCVSSSeverityPaused
CVE-2026-2433 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.11 - Unauthenticated DOM-Based Reflected Cross-Site Scripting via postMessage — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 6.1 Medium2026-03-07
CVE-2026-1216 RSS Aggregator <= 5.0.10 - Reflected Cross-Site Scripting via 'template' Parameter — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 7.2 High2026-02-17
CVE-2025-14745 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wp-rss-aggregator Shortcode — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 6.4 Medium2026-01-23
CVE-2025-14375 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.10 - Reflected Cross-Site Scripting via className — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 6.1 Medium2026-01-16
CVE-2025-26758 WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability — Spotlight Social Media FeedsCWE-497 5.3 Medium2025-02-17
CVE-2024-9583 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing Authorization — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-862 4.3 Medium2024-10-23
CVE-2024-6621 WP RSS Aggregator <= 4.23.11 - Missing Authorization to Authenticated (Subscriber+) Feed State Update — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-862 4.3 Medium2024-07-16
CVE-2024-31381 WordPress Spotlight Social Feeds plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) vulnerability — Spotlight Social Media FeedsCWE-352 4.3 Medium2024-04-15
CVE-2024-0630 WP RSS Aggregator <= 4.23.4 - Authenticated (Admin+) Stored Cross-Site Scripting via RSS Feed Source — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 4.4 Medium2024-02-05

This page lists every published CVE security advisory associated with rebelcode. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.