Lucene search
+L

156 matches found

Vulnrichment
Vulnrichment
added 2024/05/22 6:50 a.m.16 views

CVE-2024-1762 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Unauthenticated Stored Cross-Site Scripting via User Agent

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTPUSERAGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS6.2AI score0.00389EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.6 views

WordPress plugin NextScripts Social Networks Auto-Poster 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site...

5.4CVSS6.3AI score0.00181EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.4 views

WordPress plugin NextScripts Social Networks Auto-Poster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

8.5CVSS5.8AI score0.00345EPSS
Exploits0References4
NVD
NVD
added 2024/04/07 6:15 p.m.17 views

CVE-2024-31345

Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster.This issue affects Auto Poster: from n/a through 1.2...

9.1CVSS9.3AI score0.0085EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/07 5:27 p.m.12 views

CVE-2024-31345 WordPress Auto Poster plugin <= 1.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster.This issue affects Auto Poster: from n/a through 1.2...

9.1CVSS8.6AI score0.0085EPSS
Exploits0References1
CVE
CVE
added 2024/04/07 5:27 p.m.70 views

CVE-2024-31345

CVE-2024-31345 affects the WordPress plugin Auto Poster . It is an Authenticated (Administrator+) vulnerability with Unrestricted/Arbitrary File Upload of dangerous types, according to Red Hat and Wordfence entries. The issue affects Auto Poster: from n/a through 1.2, and the vulnerability is cur...

9.1CVSS8.6AI score0.0085EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/07 5:27 p.m.25 views

CVE-2024-31345 WordPress Auto Poster plugin <= 1.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster.This issue affects Auto Poster: from n/a through 1.2...

9.1CVSS9.4AI score0.0085EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/07 12:0 a.m.7 views

WordPress Plugin Auto Poster 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

9.1CVSS8.4AI score0.0085EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/07 12:0 a.m.12 views

PT-2024-23988 · Unknown · Sukhchain Singh Auto Poster

Name of the Vulnerable Software and Affected Versions: Sukhchain Singh Auto Poster versions 1.2 and earlier Description: The issue affects the Auto Poster, allowing for the unrestricted upload of files with dangerous types. Recommendations: For versions 1.2 and earlier, update to a version that...

9.1CVSS9.5AI score0.0085EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/05 11:13 a.m.4 views

WordPress Auto Poster plugin <= 1.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by younsoung kim, SeoHyeon Lee, MyungJu Kim, SeoHee Kang in WordPress Plugin Auto Poster versions = 1.2...

9.1CVSS7AI score0.0085EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.8 views

WordPress Auto Poster Plugin <= 1.2 is vulnerable to Arbitrary File Upload

Software Auto Poster Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-31345 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 328c54e266f4 Credits younsoung kim, SeoHyeon Lee,...

9.1CVSS6.5AI score0.0085EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/15 3:15 p.m.4 views

CVE-2023-49183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2...

6.1CVSS7.3AI score0.00407EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 3:15 p.m.37 views

CVE-2023-49183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2...

7.1CVSS0.00407EPSS
Exploits0References1
CVE
CVE
added 2023/12/15 2:54 p.m.52 views

CVE-2023-49183

CVE-2023-49183 is a reflected XSS in NextScripts: Social Networks Auto-Poster for WordPress, affecting versions up to 4.4.2. Root cause: improper input handling for the 'code' parameter leading to unescaped output. Impact stated in sources: Reflected XSS; exploitation could occur via crafted inpu...

7.1CVSS7.1AI score0.00407EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.4 views

WordPress Plugin NextScripts: Social Networks Auto-Poster Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin NextScripts: Social Networks Auto-Poste...

7.1CVSS6AI score0.00407EPSS
Exploits0References2
OSV
OSV
added 2023/11/22 2:15 p.m.4 views

CVE-2023-26532

Cross-Site Request Forgery CSRF vulnerability in AccessPress Themes Social Auto Poster plugin = 2.1.4 versions...

8.8CVSS5.8AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2023/11/22 2:15 p.m.16 views

CVE-2023-26532

Cross-Site Request Forgery CSRF vulnerability in AccessPress Themes Social Auto Poster plugin = 2.1.4 versions...

8.8CVSS0.00269EPSS
Exploits0References1
Prion
Prion
added 2023/11/22 2:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in AccessPress Themes Social Auto Poster plugin = 2.1.4 versions...

6.8CVSS7.4AI score0.00269EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/22 2:0 p.m.45 views

CVE-2023-26532

The CVE-2023-26532 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the AccessPress Themes Social Auto Poster plugin for WordPress, affecting versions up to and including 2.1.4. Root cause: CSRF could allow unauthorized actions on behalf of a logged-in user (or unauthenticated...

8.8CVSS7.2AI score0.00269EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.5 views

WordPress Plugin Social Auto Poster Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS6.6AI score0.00269EPSS
Exploits0References2
Rows per page
Query Builder