PLUGIN SECURITY
Is Wp Rss Aggregator safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Wp Rss Aggregator WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
wp-rss-aggregator
Known vulnerabilities
- CVE-2022-0189 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.20 (XSS) · Medium
- CVE-2021-24988 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.20 (XSS) · Medium
- CVE-2021-24768 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.20 (XSS) · Medium
- WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.6.4
- CVE-2024-0630 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.23.5 (XSS) · Medium
+ 8 more known vulnerabilities
- CVE-2024-0628 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.23.6 (SSRF) · Low
- CVE-2024-4860 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.23.9 (XSS) · Medium
- CVE-2024-6621 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.23.12 (Missing Authorization) · Medium
- CVE-2024-9583 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 4.23.13 (Missing Authorization) · Medium
- CVE-2025-14375 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 5.0.11 (XSS) · Medium
- CVE-2025-14745 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 5.0.11 (XSS) · Medium
- CVE-2026-2433 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 5.0.12
- CVE-2026-1216 — WP RSS Aggregator – RSS Import, Feed to Post, Autoblogging, AI Content [wp-rss-aggregator] < 5.0.11
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.