Vulnerabilities > Fifu > Featured Image From URL > 4.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-29 | CVE-2024-1496 | Unspecified vulnerability in Fifu Featured Image From URL The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the fifu_input_url parameter in all versions up to, and including, 4.6.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-01-11 | CVE-2023-6561 | Cross-site Scripting vulnerability in Fifu Featured Image From URL The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the featured image alt text in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping. | 5.4 |