MidnightBSD

Advisories for cross-rss_plugin_project

CVE-2014-4941 MEDIUM

Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
cross-rss_plugin_project wp-cross-rss 1.7