Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fifu featured image from url vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2241
The Featured Image from URL (FIFU) WordPress plugin prior to 4.0.1 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and...
Fifu Featured Image From Url
NA
CVE-2023-6561
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the featured image alt text in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated at...
Fifu Featured Image From Url
NA
CVE-2022-2278
The Featured Image from URL (FIFU) WordPress plugin prior to 4.0.1 does not validate, sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (f...
Fifu Featured Image From Url
NA
CVE-2024-1496
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the fifu_input_url parameter in all versions up to, and including, 4.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated a...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started