Vulnerabilities > Rebelcode

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-9583 Missing Authorization vulnerability in Rebelcode RSS Aggregator
The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprss_ajax_send_premium_support function in all versions up to, and including, 4.23.12.
network
low complexity
rebelcode CWE-862
5.4
2024-07-16 CVE-2024-6621 Unspecified vulnerability in Rebelcode RSS Aggregator
The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wprss_activate_feed_source' and 'wprss_pause_feed_source' functions in all versions up to, and including, 4.23.11.
network
low complexity
rebelcode
4.3
2023-02-13 CVE-2023-0379 Unspecified vulnerability in Rebelcode Spotlight Social Feeds
The Spotlight Social Feeds WordPress plugin before 1.4.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
network
low complexity
rebelcode
5.4