CVE-2013-3720

Feedweb < 1.8.8 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wp_post_id parameter.

References (4)

Scores

EPSS 0.0024
EPSS Percentile 47.5%

Details

CWE
CWE-79
Status published
Products (50)
feedweb/feedweb < 1.8.8
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
feedweb/feedweb
... and 40 more
Published May 31, 2013
Tracked Since Feb 18, 2026