Featured Image from URL
fifu.app
Developer
5.3.3
Latest version
70,000
Installations
No date
Last updated
Vulnerability history
0 present
13 patched
0 Mitigation rules
- Authenticated (Contributor+) Server-Side Request Forgery via 'fifu_input_url' vulnerability<= 5.3.102/02/2026
- Authenticated (Admin+) SQL Injection vulnerability<= 5.2.731/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Featured Image Custom Fields vulnerability<= 5.2.706/10/2025
- Authenticated (Admin+) SQL Injection vulnerability<= 5.2.725/09/2025
- Missing Authorization to Password Protected Post Disclosure vulnerability<= 5.2.725/09/2025
- Unauthenticated Information Exposure via Log File vulnerability<= 5.2.725/09/2025
- Broken Access Control vulnerability<= 4.8.205/07/2024
- Broken Access Control vulnerability<= 4.8.128/06/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via fifu_input_url vulnerability<= 4.6.220/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via featured image alt text vulnerability<= 4.5.315/12/2023
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 4.0.011/07/2022
- Arbitrary Settings Update to Stored XSS via CSRF vulnerability<= 3.9.911/07/2022
- Missing Access Controls on REST routes vulnerability<= 2.7.727/12/2019