CVE-2025-14745 | RSS Aggregator Plugin up to 5.0.10 on WordPress Shortcode wp-rss-aggregator cross site scripting

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability marked as problematic has been reported in RSS Aggregator Plugin up to 5.0.10 on WordPress. Impacted is the function wp-rss-aggregator of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-14745. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-14745 | RSS Aggregator Plugin up to 5.0.10 on WordPress Shortcode wp-rss-aggregator cross site scripting

Post correlati

CVE-2024-3766 | slowlyo OwlAdmin up to 3.5.7 Image File Upload /admin-api/upload_image file cross site scripting

CVE-2023-6614 | Typecho 1.2.1 Page /admin/manage-pages.php backdoor

CVE-2024-32696 | QuantumCloud Infographic Maker Plugin up to 4.6.6 on WordPress cross site scripting

CVE-2024-21356 | Microsoft Windows up to Server 2022 23H2 LDAP denial of service