156 matches found
NextScripts: Social Networks Auto-Poster < 4.3.21 - Reflected Cross-Site Scripting
The plugin does not escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
XSS Vulnerability in NextScripts: Social Networks Auto-Poster Plugin Impacts 100,000 Sites
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On August 19, 2021, the Wordfence Threat Intelligence team began the disclosure process for a reflected Cross-Site ScriptingXSS vulnerability we found in...
WordPress NextScripts: Social Networks Auto-Poster plugin <= 4.3.20 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Ramuel Gall WordFence in WordPress NextScripts: Social Networks Auto-Poster plugin versions = 4.3.20. Solution Update the WordPress NextScripts: Social Networks Auto-Poster plugin to the latest available version at least 4.3.21...
WordPress NextScripts: Social Networks Auto-Poster plugin <= 4.3.17 - Insufficient Privilege Validation vulnerability
Insufficient Privilege Validation vulnerability found by John Castro Sucuri in WordPress NextScripts: Social Networks Auto-Poster plugin versions = 4.3.17. Solution Update the WordPress NextScripts: Social Networks Auto-Poster plugin to the latest available version at least 4.3.18...
NextScripts: Social Networks Auto-Poster < 4.3.18 - Insufficient Privilege Validation
The plugin is giving access to several functionalities without proper authorisation checks, allowing low privileged attackers the possibility to Remove Posts by corrupting the post type and other data, Post Arbitrary Information in the site social networks as well as Change the plugin settings...
WordPress Social Networks Auto-Poster Plugin < 4.2.8 XSS Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
CVE-2019-9911
The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS...
CVE-2019-9911
The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS...
CVE-2019-9911
CVE-2019-9911 concerns the WordPress plugin NextScripts: Social Networks Auto-Poster (Facebook-Twitter-G), specifically versions prior to 4.2.8. The vulnerability is an XSS in the admin endpoint wp-admin/admin.php?page=nxssnap-reposter&action=edit, which can be triggered in the affected context. ...
PT-2019-19929 · WordPress · Social-Networks-Auto-Poster-Facebook-Twitter-G
Name of the Vulnerable Software and Affected Versions: social-networks-auto-poster-facebook-twitter-g plugin versions prior to 4.2.8 Description: The issue concerns an item XSS in the wp-admin/admin.php?page=nxssnap-reposter&action=edit endpoint. Recommendations: For versions prior to 4.2.8, upda...
WordPress Social Networks Auto-Poster 4.2.7 Cross Site Scripting
Vulnerability: XSS Affected Software: NextScripts: Social Networks Auto-Poster Affected Version: 4.2.7 Patched Version: 4.2.8 CVE: not requested Risk: Medium Vendor Contacted: 10/25/2018 Vendor Fix: 11/02/2018 Public Disclosure: 02/05/2019 Credit: Tim Coen CVSS 6.1 Medium...
NextScripts: Social Networks Auto-Poster < 4.2.8 - Authenticated Reflected Cross-Site Scripting (XSS)
The NextScripts: Social Networks Auto-Poster WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...
WordPress NextScripts: Social Networks Auto-Poster HTML Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers.NextScripts: Social Networks Auto-Poster is one of the plug-ins that automatically forwards blog posts to Facebook and oth...
WordPress Social Networks Auto-Poster Plugin <= 3.4.17 - Stored XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
NextScripts: Social Networks Auto-Poster < 3.4.18 - CSRF to Stored XSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to a Persistent XSS attack on the settings screen, due to a lack of sanitation of user input, and lack of Cross-Site Request Forgery token nonce. If a page with the following FORM in is visited by an administrative...
Yahoo Answer Wordpress Auto Poster Cross Site Scripting
Exploit Title: Yahoo Answer Wordpress Auto PosterPlugin "3 OR "alertdocument.cookie Dem0 : http://www.tryscripts.org/wordpress/yahoo/ FB : www.fb.me/justryuz +---------------------------------------------------+ Greetz to : CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,...