WP-Safety

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Security & Risk Analysis

wordpress.org/plugins/wp-rss-aggregator

The #1 WordPress RSS aggregator to quickly import RSS feeds, build a news aggregator, and for easy autoblogging.

50K active installs v5.0.12 PHP 7.4.0+ WP 6.2.2+ Updated Mar 3, 2026
autobloggingfeed-to-postnews-aggregatorrss-aggregatorrss-import
92
A · Safe
CVEs total13
Unpatched0
Last CVEMar 6, 2026
Plugin page Download
Safety Verdict

Is RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Safe to Use in 2026?

Generally Safe

Score 92/100

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

13 known CVEsLast CVE: Mar 6, 2026Updated 2mo ago
Risk Assessment

The plugin "wp-rss-aggregator" v5.0.12 exhibits a mixed security posture. While it demonstrates good practices like a high percentage of prepared SQL statements and a significant number of nonce and capability checks, there are notable areas of concern. The large number of unprotected AJAX handlers (17 out of 22) presents a substantial attack surface, significantly increasing the risk of unauthorized actions. The presence of a high-severity taint flow with unsanitized paths indicates a potential for serious vulnerabilities, though its impact is mitigated by the absence of critical severity flows and currently unpatched CVEs.

The vulnerability history of this plugin is concerning, with a total of 13 known CVEs, including a high-severity one. The prevalence of Cross-site Scripting (XSS), Missing Authorization, and Server-Side Request Forgery (SSRF) in past vulnerabilities suggests recurring issues in input validation and authorization enforcement. While there are currently no unpatched vulnerabilities, the historical pattern indicates a need for ongoing vigilance and prompt patching of any future issues. The use of the dangerous `assert` function, even if infrequent, is a potential risk that should be scrutinized.

In conclusion, while "wp-rss-aggregator" shows some strengths in its implementation of security features, the large attack surface of unprotected AJAX endpoints, a high-severity taint flow, and a history of multiple security vulnerabilities necessitate a cautious approach. The plugin's developers should prioritize addressing the unprotected AJAX handlers and thoroughly review code paths related to the identified taint flow.

Key Concerns

  • Large attack surface without auth (AJAX)
  • High severity taint flow
  • 1 high severity CVE historically
  • 11 medium severity CVEs historically
  • Dangerous function 'assert' used
  • Only 65% of output properly escaped
Vulnerabilities
13 published

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Security Vulnerabilities

CVEs by Year

1 CVE in 2014
2014
2 CVEs in 2021
2021
1 CVE in 2022
2022
5 CVEs in 2024
2024
4 CVEs in 2026
2026
Patched Has unpatched

Severity Breakdown

High
1
Medium
11
Low
1

13 total CVEs

CVE-2026-2433medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.11 - Unauthenticated DOM-Based Reflected Cross-Site Scripting via postMessage

Mar 6, 2026 Patched in 5.0.12 (1d)
CVE-2026-1216high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RSS Aggregator <= 5.0.10 - Reflected Cross-Site Scripting via 'template' Parameter

Feb 16, 2026 Patched in 5.0.11 (1d)
CVE-2025-14745medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wp-rss-aggregator Shortcode

Jan 22, 2026 Patched in 5.0.11 (1d)
CVE-2025-14375medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.10 - Reflected Cross-Site Scripting via className

Jan 15, 2026 Patched in 5.0.11 (1d)
CVE-2024-9583medium · 4.3Missing Authorization

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing Authorization

Oct 22, 2024 Patched in 4.23.13 (1d)
CVE-2024-6621medium · 4.3Missing Authorization

WP RSS Aggregator <= 4.23.11 - Missing Authorization to Authenticated (Subscriber+) Feed State Update

Jul 15, 2024 Patched in 4.23.12 (1d)
CVE-2024-4860medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.8 - Reflected Cross-Site Scripting

May 14, 2024 Patched in 4.23.9 (3d)
CVE-2024-0628low · 3.8Server-Side Request Forgery (SSRF)

WP RSS Aggregator <= 4.23.5 - Authenticated (Admin+) Server-Side Request Forgery via RSS Feed Source

Feb 6, 2024 Patched in 4.23.6 (175d)
CVE-2024-0630medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP RSS Aggregator <= 4.23.4 - Authenticated (Admin+) Stored Cross-Site Scripting via RSS Feed Source

Jan 25, 2024 Patched in 4.23.5 (187d)
CVE-2022-0189medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP RSS Aggregator <= 4.19.3 - Reflected Cross-Site Scripting

Jan 26, 2022 Patched in 4.20 (727d)
CVE-2021-24988medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP RSS Aggregator <= 4.19.2 - Subscriber+ Stored Cross-Site Scripting

Nov 29, 2021 Patched in 4.19.3 (785d)
CVE-2021-24768medium · 4.8Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP RSS Aggregator <= 4.19.1 - Admin+ Stored Cross-Site Scripting

Nov 1, 2021 Patched in 4.19.2 (813d)
WF-a46364f4-9258-4f5e-9d53-dcbaf726f2f0-wp-rss-aggregatormedium · 6.5Missing Authorization

WP RSS Aggregator – News Feeds, Autoblogging, Youtube Video Feeds and More <= 4.6.3 - Authorization Bypass

Dec 16, 2014 Patched in 4.6.4 (3325d)
Version History

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Release Timeline

v5.0.12Current
v5.0.111 CVE
CVE-2026-2433
v5.0.104 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.94 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.84 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.74 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.64 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.54 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.44 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.34 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.24 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.14 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v5.0.04 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v4.23.134 CVEs
CVE-2026-2433 CVE-2025-14375 CVE-2026-1216 +1 more
v4.23.125 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2025-14375 +2 more
v4.23.116 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2025-14375 +3 more
v4.23.106 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2025-14375 +3 more
v4.23.96 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2025-14375 +3 more
v4.23.87 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2024-4860 +4 more
v4.23.77 CVEs
CVE-2024-9583 CVE-2026-2433 CVE-2024-4860 +4 more
Code Analysis
Analyzed Mar 16, 2026

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Code Analysis

Dangerous Functions
2
Raw SQL Queries
16
44 prepared
Unescaped Output
226
425 escaped
Nonce Checks
37
Capability Checks
24
File Operations
31
External Requests
16
Bundled Libraries
0

Dangerous Functions Found

assertassert( $display instanceof Display );core\src\Renderer.php:246
assertassert( $this->parent instanceof RssFeed );core\src\RssReader\SimplePie\SpRssItem.php:31

SQL Query Safety

73% prepared60 total queries

Output Escaping

65% escaped651 total outputs
Data Flows · Security
5 unsanitized

Data Flow Analysis

10 flows5 with unsanitized paths
handleAjaxFetchLicense (v4\includes\Aventura\Wprss\Core\Licensing\AjaxController.php:153)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
17 unprotected

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Attack Surface

Entry Points23
Unprotected17

AJAX Handlers 22

authwp_ajax_wpra.render.displaycore\modules\renderer.php:73
noprivwp_ajax_wpra.render.displaycore\modules\renderer.php:74
authwp_ajax_wpra_rpccore\modules\rpc.php:72
authwp_ajax_wprss_hide_admin_notificationv4\includes\admin-ajax-notice.php:10
authwp_ajax_wprss_dismiss_addon_noticev4\includes\admin-ajax-notice.php:87
authwp_ajax_wprss_fetch_items_row_actionv4\includes\admin-display.php:472
authwp_ajax_wprss_delete_items_row_actionv4\includes\admin-display.php:544
authwp_ajax_wprss_toggle_feed_statev4\includes\admin-display.php:595
authwp_ajax_wprss_editor_dialogv4\includes\admin-editor.php:55
authwp_ajax_wpra_dl_guidev4\includes\admin-guide-dl.php:91
authwp_ajax_wpra_dismiss_guidev4\includes\admin-guide-dl.php:120
authwp_ajax_wprss_feed_source_table_ajaxv4\includes\admin-heartbeat.php:3
authwp_ajax_wprss_ajax_send_premium_supportv4\includes\admin-help.php:268
authwp_ajax_wprss_set_intro_stepv4\includes\admin-intro-page.php:100
authwp_ajax_wprss_create_intro_feedv4\includes\admin-intro-page.php:127
authwp_ajax_wpra_email_signupv4\includes\admin-intro-page.php:163
authwp_ajax_wprss_ajax_manage_licensev4\includes\licensing.php:112
authwp_ajax_wprss_ajax_fetch_licensev4\includes\licensing.php:113
authwp_ajax_wprss_dismiss_v5_noticev4\includes\v5-notices.php:18
authwp_ajax_wprss_renderv4\src\Modules\FeedTemplatesModule.php:846
noprivwp_ajax_wprss_renderv4\src\Modules\FeedTemplatesModule.php:847
authwp_ajax_wprss_fetch_itemsv4\src\Modules\GutenbergBlockModule.php:204

Shortcodes 1

[wp-rss-aggregator] core\modules\shortcode.php:16
WordPress Hooks 265
actionplugins_loadedcore\core.php:7
filterpre_set_site_transient_update_pluginscore\edd-sl-updater.php:74
filterplugins_apicore\edd-sl-updater.php:75
actionafter_plugin_rowcore\edd-sl-updater.php:76
actionadmin_initcore\edd-sl-updater.php:77
actionadmin_initcore\modules\admin.php:27
filterwpra.admin.frame.headcore\modules\admin.php:43
filterwpra.admin.frame.body.endcore\modules\admin.php:52
actionadmin_enqueue_scriptscore\modules\admin.php:81
actionadmin_menucore\modules\admin.php:94
actionadmin_noticescore\modules\admin.php:266
actioninitcore\modules\blockType.php:21
actionenqueue_block_editor_assetscore\modules\blockType.php:92
actioninitcore\modules\capabilities.php:9
filterdebug_informationcore\modules\debugInfo.php:9
filterwpra.admin.frame.headcore\modules\devServer.php:15
filterwpra.admin.frame.body.endcore\modules\devServer.php:36
actioninitcore\modules\feedItems.php:28
actionwpra.deactivatecore\modules\feedItems.php:72
filtermanage_wprss_feed_item_posts_columnscore\modules\feedItems.php:80
actionmanage_wprss_feed_item_posts_custom_columncore\modules\feedItems.php:100
filterpost_row_actionscore\modules\feedItems.php:139
actionadmin_enqueue_scriptscore\modules\feedItems.php:153
actioninitcore\modules\licensing.php:14
actioninitcore\modules\logger.php:31
actioninitcore\modules\mergedFeed.php:17
actioninitcore\modules\migrations.php:9
actioninitcore\modules\plugin.php:11
actionadmin_initcore\modules\plugin.php:38
filterpre_get_postscore\modules\postFilters.php:37
filterthe_authorcore\modules\postFilters.php:80
filterget_the_author_display_namecore\modules\postFilters.php:81
actioninitcore\modules\renderer.php:25
filterpost_row_actionscore\modules\rowActions.php:11
actionadmin_initcore\modules\rowActions.php:37
actionadmin_noticescore\modules\rowActions.php:85
actioninitcore\modules\shortcode.php:13
actionwpra.source.future.activatecore\modules\sourceFutures.php:11
actionwpra.source.future.pausecore\modules\sourceFutures.php:23
actionwpra.source.store.insertedcore\modules\sourceFutures.php:35
actionwpra.sources.store.updatedcore\modules\sourceFutures.php:42
filtercron_schedulescore\modules\updater.php:14
filtercron_schedulescore\modules\updater.php:37
filterwpra.rpc.v4.*core\modules\v4Migration.php:45
filterwpra.rpc.v4.rollbackcore\modules\v4Migration.php:53
filterwpra.rpc.v4.resetcore\modules\v4Migration.php:54
filterwpra.rpc.v4.numSourcescore\modules\v4Migration.php:56
filterwpra.rpc.v4.numBlacklistcore\modules\v4Migration.php:57
filterwpra.rpc.v4.numTemplatescore\modules\v4Migration.php:58
filterwpra.rpc.v4.numItemscore\modules\v4Migration.php:59
filterwpra.rpc.v4.migrateSettingscore\modules\v4Migration.php:61
filterwpra.rpc.v4.migrateSourcescore\modules\v4Migration.php:62
filterwpra.rpc.v4.migrateBlacklistcore\modules\v4Migration.php:63
filterwpra.rpc.v4.migrateTemplatescore\modules\v4Migration.php:64
filterwpra.rpc.v4.migrateItemscore\modules\v4Migration.php:65
filterwpra.rpc.v4.isPluginsActivatedcore\modules\v4Migration.php:67
filterwpra.rpc.v4.deactivateAddonscore\modules\v4Migration.php:68
filterwpra.rpc.v4.uninstallcore\modules\v4Migration.php:69
filterwpra.rpc.v4.isPremiumPluginInstalledcore\modules\v4Migration.php:71
filterwpra.rpc.v4.activatePremiumPlugincore\modules\v4Migration.php:72
filterwpra.importer.post.urlcore\modules\youtube.php:12
filterwpra.importer.post.contentcore\modules\youtube.php:21
filterwpra.importer.post.metacore\modules\youtube.php:67
filterget_termcore\src\IrPost\IrTerm.php:100
actionwpra.sources.store.insertedcore\src\Store\SourcesStore.php:400
actionadmin_initv4\includes\admin-activate.php:15
actionadmin_noticesv4\includes\admin-ajax-notice.php:203
actioninitv4\includes\admin-ajax-notice.php:1146
actionwprss_pre_initv4\includes\admin-ajax-notice.php:1149
filterpost_classv4\includes\admin-display.php:4
filtermanage_wprss_feed_posts_columnsv4\includes\admin-display.php:18
actionmanage_wprss_feed_posts_custom_columnv4\includes\admin-display.php:48
filtermanage_edit-wprss_feed_sortable_columnsv4\includes\admin-display.php:220
actionpre_get_postsv4\includes\admin-display.php:239
filtermanage_wprss_feed_item_posts_columnsv4\includes\admin-display.php:289
actionmanage_wprss_feed_item_posts_custom_columnv4\includes\admin-display.php:306
filtermanage_edit-wprss_feed_item_sortable_columnsv4\includes\admin-display.php:348
actionpre_get_postsv4\includes\admin-display.php:362
filterpost_updated_messagesv4\includes\admin-display.php:386
filterpost_row_actionsv4\includes\admin-display.php:413
actionwprss_delete_feed_items_from_source_hookv4\includes\admin-display.php:442
actionmanage_posts_extra_tablenavv4\includes\admin-display.php:646
filterbulk_actions-edit-wprss_feed_itemv4\includes\admin-display.php:663
actionadmin_footer-edit.phpv4\includes\admin-display.php:678
actionwp_before_admin_bar_renderv4\includes\admin-display.php:697
filterpre_get_postsv4\includes\admin-display.php:755
actionadmin_footerv4\includes\admin-display.php:796
actionadmin_initv4\includes\admin-editor.php:14
filtermce_external_pluginsv4\includes\admin-editor.php:22
filtermce_buttonsv4\includes\admin-editor.php:33
filtertiny_mce_versionv4\includes\admin-editor.php:50
actionadmin_noticesv4\includes\admin-guide-dl.php:11
actionplugins_loadedv4\includes\admin-help-metaboxes.php:3
actionplugins_loadedv4\includes\admin-help-settings.php:3
actioninitv4\includes\admin-help.php:92
actionadmin_enqueue_scriptsv4\includes\admin-help.php:447
actionadmin_footerv4\includes\admin-help.php:448
actionadmin_menuv4\includes\admin-intro-page.php:26
actioninitv4\includes\admin-intro-page.php:197
actionadd_meta_boxesv4\includes\admin-metaboxes.php:3
actionadd_meta_boxesv4\includes\admin-metaboxes.php:28
actionsave_postv4\includes\admin-metaboxes.php:381
actionadd_meta_boxesv4\includes\admin-metaboxes.php:831
actionplugins_loadedv4\includes\admin-options-legacy.php:3
filterwprss_settings_sections_arrayv4\includes\admin-options-legacy.php:5
actionadmin_initv4\includes\admin-options.php:219
actionwprss_check_license_statusesv4\includes\admin-options.php:1004
actionadmin_initv4\includes\admin-plugins.php:12
actionadmin_footerv4\includes\admin-plugins.php:20
actionadmin_menuv4\includes\admin-update-page.php:11
actionadmin_headv4\includes\admin.php:3
actionadmin_menuv4\includes\admin.php:26
actionadmin_menuv4\includes\admin.php:37
actionadmin_menuv4\includes\admin.php:48
filteradmin_body_classv4\includes\admin.php:53
filterplugin_action_linksv4\includes\admin.php:111
filteradmin_footer_textv4\includes\admin.php:190
filterwp_untrash_post_statusv4\includes\admin.php:224
actionadmin_noticesv4\includes\black-friday-2021.php:3
actionwp_headv4\includes\cpt-feeds.php:3
actioninitv4\includes\cron-jobs.php:31
actionwprss_on_feed_source_activatedv4\includes\cron-jobs.php:34
actionwprss_on_feed_source_pausedv4\includes\cron-jobs.php:37
filtercron_schedulesv4\includes\cron-jobs.php:40
filterwp_link_query_argsv4\includes\deprecated.php:12
actionwprss_pre_initv4\includes\di.php:115
actionwp_container_initv4\includes\di.php:120
actionwprss_container_initv4\includes\di.php:127
filterwprss_core_container_initv4\includes\di.php:134
actionwprss_fetch_feed_beforev4\includes\feed-access.php:51
actionwprss_settings_arrayv4\includes\feed-access.php:52
actionwprss_initv4\includes\feed-access.php:384
actionadmin_initv4\includes\feed-blacklist.php:4
actionadmin_initv4\includes\feed-blacklist.php:6
filterpost_row_actionsv4\includes\feed-blacklist.php:9
actionwprss_items_create_post_metav4\includes\feed-importing-images.php:13
actionwprss_items_create_post_metav4\includes\feed-importing-images.php:14
filterwprss_ftp_post_metav4\includes\feed-importing-images.php:15
filterwpra/images/detect_from_itemv4\includes\feed-importing-images.php:280
filterwp_check_filetype_and_extv4\includes\feed-importing-images.php:906
filterwpra/importer/feed/urlv4\includes\feed-importing-sites.php:5
filterwprss_normalize_permalinkv4\includes\feed-importing.php:10
filterwprss_normalize_permalinkv4\includes\feed-importing.php:11
filterwprss_normalize_permalinkv4\includes\feed-importing.php:12
filterwprss_normalize_permalinkv4\includes\feed-importing.php:13
filterwprss_item_comparatorsv4\includes\feed-importing.php:16
actionwprss_fetch_single_feed_hookv4\includes\feed-importing.php:18
filterwp_feed_cache_transient_lifetimev4\includes\feed-importing.php:267
actioncron_requestv4\includes\feed-importing.php:303
actionpublish_wprss_feedv4\includes\feed-processing.php:185
actionpost_updatedv4\includes\feed-processing.php:214
actionadded_post_metav4\includes\feed-processing.php:275
actionupdated_post_metav4\includes\feed-processing.php:276
actiontrash_wprss_feedv4\includes\feed-processing.php:320
actionwprss_delete_all_feed_items_hookv4\includes\feed-processing.php:345
filterwprss_insert_post_item_conditionalsv4\includes\feed-processing.php:660
actionadmin_initv4\includes\feed-states.php:64
actionadmin_initv4\includes\feed-states.php:118
actionwprss_initv4\includes\leave-review-notification.php:24
actionwprss_display_templatev4\includes\legacy-feed-display.php:379
filterwprss_paginationv4\includes\legacy-feed-display.php:451
actionwprss_admin_initv4\includes\licensing.php:116
actionadmin_initv4\includes\licensing.php:117
actionwprss_settings_license_key_is_validv4\includes\licensing.php:118
actionadmin_initv4\includes\licensing.php:128
actionadmin_initv4\includes\opml-importer.php:255
actioninitv4\includes\scripts.php:10
actionadmin_enqueue_scriptsv4\includes\scripts.php:120
filterenter_title_herev4\includes\scripts.php:171
actionwp_enqueue_scriptsv4\includes\scripts.php:212
actioninitv4\includes\scripts.php:247
actionupdate_option_active_pluginsv4\includes\templates-update.php:6
actioninitv4\includes\update.php:9
actionadmin_noticesv4\includes\v5-notices.php:7
filterin_plugin_update_message-wp-rss-aggregator/wp-rss-aggregator.phpv4\includes\v5-notices.php:36
filtersite_transient_update_pluginsv4\includes\v5-notices.php:70
actionadmin_enqueue_scriptsv4\includes\v5-notices.php:432
actionadmin_enqueue_scriptsv4\includes\v5-notices.php:478
actionwprss_add_settings_fields_sectionsv4\includes\v5-switch.php:11
filterwprss_options_tabs_finalv4\includes\v5-switch.php:20
actionadmin_initv4\includes\v5-switch.php:30
actionupdate_option_wprss_enable_v5v4\includes\v5-switch.php:505
actionadd_option_wprss_enable_v5v4\includes\v5-switch.php:506
filterwpra/importer/feed/urlv4\includes\youtube.php:19
filterwprss_populate_post_datav4\includes\youtube.php:53
filterpost_updated_messagesv4\src\Handlers\AbstractSavePostHandler.php:63
actionadmin_noticesv4\src\Handlers\AbstractSavePostHandler.php:74
actionadmin_enqueue_scriptsv4\src\Modules\AssetsModule.php:24
actionwp_enqueue_scriptsv4\src\Modules\AssetsModule.php:31
actionadmin_enqueue_scriptsv4\src\Modules\BlackFriday23Module.php:25
filterwprss_admin_footer_linksv4\src\Modules\BlackFriday23Module.php:43
actionadmin_noticesv4\src\Modules\BlacklistToolModule.php:112
actionadmin_noticesv4\src\Modules\BlacklistToolModule.php:122
actionadmin_noticesv4\src\Modules\BlacklistToolModule.php:139
actionadmin_initv4\src\Modules\BlacklistToolModule.php:234
actionadmin_initv4\src\Modules\BlacklistToolModule.php:235
actionadmin_initv4\src\Modules\BlacklistToolModule.php:236
actionadmin_initv4\src\Modules\BulkAddToolModule.php:91
actionadmin_initv4\src\Modules\CoreModule.php:237
actioninitv4\src\Modules\CustomFeedModule.php:117
actioninitv4\src\Modules\FeedBlacklistModule.php:191
actionadmin_initv4\src\Modules\FeedBlacklistModule.php:192
actioninitv4\src\Modules\FeedItemsModule.php:265
actionadmin_initv4\src\Modules\FeedItemsModule.php:266
filterpost_type_linkv4\src\Modules\FeedItemsModule.php:269
actioninitv4\src\Modules\FeedSourcesModule.php:385
filterthe_contentv4\src\Modules\FeedSourcesModule.php:386
actionadmin_initv4\src\Modules\FeedSourcesModule.php:387
actionsave_postv4\src\Modules\FeedSourcesModule.php:388
actionedit_form_after_titlev4\src\Modules\FeedSourcesModule.php:391
actionpost_submitbox_startv4\src\Modules\FeedSourcesModule.php:393
actioninitv4\src\Modules\FeedTemplatesModule.php:839
actionadmin_initv4\src\Modules\FeedTemplatesModule.php:841
actionadmin_menuv4\src\Modules\FeedTemplatesModule.php:843
actionwpra/admin_initv4\src\Modules\FeedTemplatesModule.php:851
actionthe_contentv4\src\Modules\FeedTemplatesModule.php:854
actionwp_headv4\src\Modules\FeedTemplatesModule.php:857
actioninitv4\src\Modules\FeedTemplatesModule.php:860
actionwprss_after_restore_settingsv4\src\Modules\FeedTemplatesModule.php:863
actionenqueue_block_editor_assetsv4\src\Modules\GutenbergBlockModule.php:193
actionadd_meta_boxesv4\src\Modules\ImagesModule.php:359
actionadd_meta_boxesv4\src\Modules\ImagesModule.php:364
actionadd_meta_boxesv4\src\Modules\ImagesModule.php:368
actionadmin_initv4\src\Modules\ImagesModule.php:373
actionbefore_delete_postv4\src\Modules\ImagesModule.php:378
filterwprss_set_feed_item_custom_columnsv4\src\Modules\ImagesModule.php:381
actionmanage_wprss_feed_item_posts_custom_columnv4\src\Modules\ImagesModule.php:383
actionadmin_initv4\src\Modules\ImportExportToolsModule.php:174
actionadmin_initv4\src\Modules\ImportExportToolsModule.php:175
filterwprss_register_addonv4\src\Modules\LicensingModule.php:29
actionwprss_init_licensingv4\src\Modules\LicensingModule.php:39
actionadmin_initv4\src\Modules\LicensingModule.php:40
actioninitv4\src\Modules\LoggerModule.php:246
actionadmin_initv4\src\Modules\LogsToolModule.php:151
actionadmin_initv4\src\Modules\LogsToolModule.php:153
actionadmin_initv4\src\Modules\LogsToolModule.php:155
actionadmin_initv4\src\Modules\LoremModule.php:22
actionwprss_admin_exclusive_scripts_stylesv4\src\Modules\LoremModule.php:25
actionwpra/help_page/bottomv4\src\Modules\LoremModule.php:28
filterpll_get_post_typesv4\src\Modules\PolyLangCompatModule.php:61
actionadmin_noticesv4\src\Modules\ResetToolModule.php:52
actionadmin_noticesv4\src\Modules\ResetToolModule.php:77
actionadmin_initv4\src\Modules\ResetToolModule.php:147
actionadmin_initv4\src\Modules\ResetToolModule.php:148
actionrest_api_initv4\src\Modules\RestApiModule.php:80
actionadmin_initv4\src\Modules\SysInfoToolModule.php:96
actionadmin_menuv4\src\Modules\ToolsModule.php:138
actionadmin_menuv4\src\Modules\UpsellModule.php:27
actionwpra_share_the_love_metaboxv4\src\Modules\UpsellModule.php:34
actionplugins_loadedv4.php:316
actionplugins_loadedv4.php:318
actionplugins_loadedv4.php:320
filterwpra_plugin_modulesv4.php:468
actionall_admin_noticesv4.php:484
actioninitv4.php:713
actionafter_plugin_rowv4.php:730
actioninitv4.php:756
actioninitv4.php:778
actionafter_plugin_rowv4.php:832
filterwpra/templates/fallback_to_legacy_systemv4.php:1075
actionafter_plugin_rowv4.php:1080
filterwpra/core/plugin_dir_pathwp-rss-aggregator.php:33
actioninitwp-rss-aggregator.php:50
actionadmin_noticeswp-rss-aggregator.php:59
actionadmin_noticeswp-rss-aggregator.php:77

Scheduled Events 7

wprss_fetch_single_feed_hook
wprss_delete_feed_items_from_source_hook
wprss_fetch_single_feed_hook
wprss_fetch_all_feeds_hook
wprss_fetch_single_feed_hook
wprss_fetch_single_feed_hook
wprss_delete_all_feed_items_hook
Maintenance & Trust

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 3, 2026
PHP min version7.4.0
Downloads3.3M

Community Trust

Rating90/100
Number of ratings555
Active installs50K
Alternatives

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Alternatives

RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator

RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator

feedzy-rss-feeds

A
92

The most powerful WordPress RSS aggregator, helping you curate content, autoblog, import RSS & display unlimited RSS feeds within a few minutes.

40K 11 CVEs
RSS Feed Retriever

RSS Feed Retriever

wp-rss-retriever

B
84

The fastest RSS feeds plugin for WordPress. Includes excerpt & thumbnail image. Use as a news aggregator, autoblog, or RSS parsing.

8K 2 CVEs
Content Pilot – Autoblogging & Affiliate Marketing Suite

Content Pilot – Autoblogging & Affiliate Marketing Suite

wp-content-pilot

A
98

Automatically post contents, create news feeds, import and display unlimited RSS feeds from various sources in a few clicks!

1K 2 CVEs
WPeMatico RSS Feed Fetcher

WPeMatico RSS Feed Fetcher

wpematico

A
96

WPeMatico is autoblogging in the blink of an eye! On complete autopilot, WPeMatico delivers fresh content to your site regularly!

10K 6 CVEs
Auto Robot – WP Autoblogging and RSS Feed News Aggregator

Auto Robot – WP Autoblogging and RSS Feed News Aggregator

auto-robot

A
100

Auto blogging and generate WordPress posts automatically from OpenAI ChatGPT, RSS Feed, Instagram, Youtube, Facebook, Twitter, Vimeo, Flickr and etc.

100 No CVEs
Developer Profile

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Developer Profile

RebelCode

2 plugins · 110K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
400 days
View full developer profile
Detection Fingerprints

How We Detect RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-rss-aggregator/core/css/admin-frame.css/wp-content/plugins/wp-rss-aggregator/core/css/admin-shell.css/wp-content/plugins/wp-rss-aggregator/core/css/admin.css/wp-content/plugins/wp-rss-aggregator/core/js/dist/admin.js/wp-content/plugins/wp-rss-aggregator/core/js/admin-shell.js
Script Paths
/wp-content/plugins/wp-rss-aggregator/core/js/dist/admin.js/wp-content/plugins/wp-rss-aggregator/core/js/admin-shell.js
Version Parameters
/wp-content/plugins/wp-rss-aggregator/core/css/admin-frame.css?ver=/wp-content/plugins/wp-rss-aggregator/core/js/dist/admin.js?ver=/wp-content/plugins/wp-rss-aggregator/core/css/admin-shell.css?ver=/wp-content/plugins/wp-rss-aggregator/core/js/admin-shell.js?ver=/wp-content/plugins/wp-rss-aggregator/core/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
wpra-shell-menu-badgewpra-admin-ui-frame
Data Attributes
id="wpra-admin-ui-frame"
JS Globals
window.wpra
FAQ

Frequently Asked Questions about RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging