CVE-2025-39418

UNKNOWN 0.0

WordPress RSS Manager plugin <= 0.06 - CSRF to Stored XSS vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Request Forgery (CSRF) vulnerability in ajayver RSS Manager rss-manager allows Stored XSS.This issue affects RSS Manager: from n/a through <= 0.06.

CWE	CWE-352
Vendor	ajayver
Product	rss manager
Published	Apr 17, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for ajayver rss manager

Be the first to know when new unknown vulnerabilities affecting ajayver rss manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ajayver / RSS Manager

0 ≤ 0.06

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/rss-manager/vulnerability/wordpress-rss-manager-plugin-0-06-csrf-to-stored-xss-vulnerability?_s_id=cve

Credits

johska | Patchstack Bug Bounty Program