Lucene search
+L

156 matches found

wpvulndb
wpvulndb
added 2021/10/29 12:0 a.m.21 views

NextScripts: Social Networks Auto-Poster < 4.3.21 - Reflected Cross-Site Scripting

The plugin does not escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...

6.1CVSS6AI score0.00845EPSS
Exploits3References1Affected Software1
wordfence
wordfence
added 2021/10/28 11:23 p.m.28 views

XSS Vulnerability in NextScripts: Social Networks Auto-Poster Plugin Impacts 100,000 Sites

Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On August 19, 2021, the Wordfence Threat Intelligence team began the disclosure process for a reflected Cross-Site ScriptingXSS vulnerability we found in...

4.3CVSS6.1AI score0.00845EPSS
Exploits3
patchstack
patchstack
added 2021/10/28 12:0 a.m.17 views

WordPress NextScripts: Social Networks Auto-Poster plugin <= 4.3.20 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ramuel Gall WordFence in WordPress NextScripts: Social Networks Auto-Poster plugin versions = 4.3.20. Solution Update the WordPress NextScripts: Social Networks Auto-Poster plugin to the latest available version at least 4.3.21...

2.5AI score0.00845EPSS
Exploits3References3Affected Software1
patchstack
patchstack
added 2020/09/06 12:0 a.m.10 views

WordPress NextScripts: Social Networks Auto-Poster plugin <= 4.3.17 - Insufficient Privilege Validation vulnerability

Insufficient Privilege Validation vulnerability found by John Castro Sucuri in WordPress NextScripts: Social Networks Auto-Poster plugin versions = 4.3.17. Solution Update the WordPress NextScripts: Social Networks Auto-Poster plugin to the latest available version at least 4.3.18...

3.5AI score
Exploits0References2Affected Software1
wpvulndb
wpvulndb
added 2020/09/05 12:0 a.m.11 views

NextScripts: Social Networks Auto-Poster < 4.3.18 - Insufficient Privilege Validation

The plugin is giving access to several functionalities without proper authorisation checks, allowing low privileged attackers the possibility to Remove Posts by corrupting the post type and other data, Post Arbitrary Information in the site social networks as well as Change the plugin settings...

5.6AI score
Exploits0References1Affected Software1
openvas
openvas
added 2019/04/01 12:0 a.m.20 views

WordPress Social Networks Auto-Poster Plugin < 4.2.8 XSS Vulnerability

The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

6.1CVSS6.4AI score0.01253EPSS
Exploits1References2
nvd
nvd
added 2019/03/22 12:29 a.m.24 views

CVE-2019-9911

The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS...

6.1CVSS6.4AI score0.01253EPSS
Exploits1References3
osv
osv
added 2019/03/22 12:29 a.m.4 views

CVE-2019-9911

The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS...

6.1CVSS6.4AI score0.01253EPSS
Exploits1References3
cve
cve
added 2019/03/21 11:1 p.m.60 views

CVE-2019-9911

CVE-2019-9911 concerns the WordPress plugin NextScripts: Social Networks Auto-Poster (Facebook-Twitter-G), specifically versions prior to 4.2.8. The vulnerability is an XSS in the admin endpoint wp-admin/admin.php?page=nxssnap-reposter&action=edit, which can be triggered in the affected context. ...

6.1CVSS6.3AI score0.01253EPSS
Exploits1References3Affected Software1
ptsecurity
ptsecurity
added 2019/03/21 12:0 a.m.4 views

PT-2019-19929 · WordPress · Social-Networks-Auto-Poster-Facebook-Twitter-G

Name of the Vulnerable Software and Affected Versions: social-networks-auto-poster-facebook-twitter-g plugin versions prior to 4.2.8 Description: The issue concerns an item XSS in the wp-admin/admin.php?page=nxssnap-reposter&action=edit endpoint. Recommendations: For versions prior to 4.2.8, upda...

6.1CVSS6AI score0.01253EPSS
Exploits1References5
packetstorm
packetstorm
added 2019/02/06 12:0 a.m.75 views

WordPress Social Networks Auto-Poster 4.2.7 Cross Site Scripting

Vulnerability: XSS Affected Software: NextScripts: Social Networks Auto-Poster Affected Version: 4.2.7 Patched Version: 4.2.8 CVE: not requested Risk: Medium Vendor Contacted: 10/25/2018 Vendor Fix: 11/02/2018 Public Disclosure: 02/05/2019 Credit: Tim Coen CVSS 6.1 Medium...

Exploits0
wpvulndb
wpvulndb
added 2019/02/05 12:0 a.m.20 views

NextScripts: Social Networks Auto-Poster < 4.2.8 - Authenticated Reflected Cross-Site Scripting (XSS)

The NextScripts: Social Networks Auto-Poster WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...

4.3CVSS2.2AI score0.01253EPSS
Exploits1References2Affected Software1
cnvd
cnvd
added 2015/06/04 12:0 a.m.3 views

WordPress NextScripts: Social Networks Auto-Poster HTML Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers.NextScripts: Social Networks Auto-Poster is one of the plug-ins that automatically forwards blog posts to Facebook and oth...

7.7AI score
Exploits0References1
patchstack
patchstack
added 2015/05/25 12:0 a.m.10 views

WordPress Social Networks Auto-Poster Plugin <= 3.4.17 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

2.3AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2015/05/25 12:0 a.m.16 views

NextScripts: Social Networks Auto-Poster < 3.4.18 - CSRF to Stored XSS

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to a Persistent XSS attack on the settings screen, due to a lack of sanitation of user input, and lack of Cross-Site Request Forgery token nonce. If a page with the following FORM in is visited by an administrative...

0.2AI score
Exploits0References1
packetstorm
packetstorm
added 2012/04/16 12:0 a.m.33 views

Yahoo Answer Wordpress Auto Poster Cross Site Scripting

Exploit Title: Yahoo Answer Wordpress Auto PosterPlugin "3 OR "alertdocument.cookie Dem0 : http://www.tryscripts.org/wordpress/yahoo/ FB : www.fb.me/justryuz +---------------------------------------------------+ Greetz to : CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,...

0.5AI score
Exploits0
Rows per page
Query Builder