cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-0839,https://securityvulnerability.io/vulnerability/CVE-2024-0839,Insecure Direct Object Reference Vulnerability in FeedWordPress Plugin by WordPress,"The FeedWordPress plugin for WordPress is affected by an Insecure Direct Object Reference vulnerability that stems from inadequate validation of the user-controlled 'guid' key. This flaw could potentially allow unauthorized individuals to access and view draft posts that may contain sensitive content, highlighting a significant security risk for users relying on this plugin for managing their WordPress sites.",Wordpress,FeedWordPress,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-13T15:26:36.360Z,0
CVE-2015-9358,https://securityvulnerability.io/vulnerability/CVE-2015-9358,,The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().,Wordpress,FeedWordPress,6.1,MEDIUM,0.0005799999926239252,false,,false,false,false,,false,false,2019-08-28T11:43:51.000Z,0
CVE-2015-4018,https://securityvulnerability.io/vulnerability/CVE-2015-4018,,SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to wp-admin/admin.php.,Wordpress,FeedWordPress,,,0.0008200000156648457,false,,false,false,false,,false,false,2015-05-21T20:00:00.000Z,0