2025-07-24 09:22:20
Wordfence
PUBLISHED
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugins taeggie-feed shortcode in all versions up to, and including, 0.1.10. The plugin’s render() method takes the user-supplied name attribute and injects it directly into a