CVE-2025-11128 | Feedzy RSS Aggregator Plugin up to 5.1.0 on WordPress feedzy_sanitize_feeds server-side request forgery

Inserito da Angelo Barbosa | Ott 23, 2025 | CVE

A vulnerability was found in Feedzy RSS Aggregator Plugin up to 5.1.0 on WordPress. It has been declared as critical. This affects the function feedzy_sanitize_feeds. Executing manipulation can lead to server-side request forgery.

This vulnerability is registered as CVE-2025-11128. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-11128 | Feedzy RSS Aggregator Plugin up to 5.1.0 on WordPress feedzy_sanitize_feeds server-side request forgery

Post correlati

CVE-2025-50201 | LabRedesCefetRJ WeGIA up to 3.4.1 debug_info.php branch os command injection (GHSA-52p5-5fmw-9hrf)

CVE-2023-46683 | TP-Link ER7206 Omada Gigabit VPN Router 1.3.0 Build 20230322 Rel.70591 Wireguard VPN os command injection (TALOS-2023-1857)

CVE-2023-4464 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 Diagnostic Telnet Mode os command injection (MZ-23-01)

CVE-2025-27399 | Mastodon up to 4.1.22/4.2.15/4.3.3 information disclosure (GHSA-94h4-fj37-c825)