Fifu Featured Image From Url — known CVE vulnerabilities
Every CVE whose affected-product data names Fifu Featured Image From Url, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-6561 — CVSS 6.4 (medium): The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the featured image alt text in all…
CVE-2024-1496 — CVSS 6.4 (medium): The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the fifu_input_url parameter in…
CVE-2022-2241 — CVSS 6.1 (medium): The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not have CSRF check in place when updating its settings, which could…
CVE-2022-2278 — CVSS 4.8 (medium): The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not validate, sanitise and escape some of its settings, which could…