Lucene search
K

229 matches found

Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.7 views

PT-2024-3150 · WordPress · Blog2Social

Name of the Vulnerable Software and Affected Versions: Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress versions up to, and including, 7.4.2 Description: The issue is related to insufficient protection of sensitive data, allowing unauthenticated attackers to view limited...

5.3CVSS6.3AI score0.00565EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.6 views

The vulnerability of the Blog2Social plugin of the WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Blog2Social plugin of the WordPress content management system exists due to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6AI score0.0093EPSS
Exploits2References4Affected Software1
OpenVAS
OpenVAS
added 2023/10/31 12:0 a.m.21 views

WordPress Blog2Social Plugin < 6.9.12 Missing Authorization Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adenion:blog2social"; ifdescription...

4.3CVSS5.9AI score0.00595EPSS
Exploits2References1
OSV
OSV
added 2023/10/20 8:15 a.m.2 views

CVE-2022-3622

The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...

4.3CVSS5.7AI score0.00595EPSS
Exploits2References4
NVD
NVD
added 2023/10/20 8:15 a.m.18 views

CVE-2022-3622

The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...

4.3CVSS4.5AI score0.00595EPSS
Exploits2References4
Prion
Prion
added 2023/10/20 8:15 a.m.20 views

Authorization

The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...

4CVSS4.5AI score0.00595EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2023/10/20 7:29 a.m.78 views

CVE-2022-3622

CVE-2022-3622 concerns the WordPress plugin Blog2Social. The vulnerability is an authorization bypass caused by missing capability checks in affected versions up to 6.9.11, allowing authenticated users with subscriber-level permissions and above to modify admin-only plugin settings. Reports acros...

4.3CVSS4.3AI score0.00595EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 7:29 a.m.19 views

CVE-2022-3622 Blog2Social <= 6.9.11 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...

4.1CVSS5.8AI score0.00595EPSS
Exploits2References4
OSV
OSV
added 2023/09/06 9:15 a.m.4 views

CVE-2023-40554

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

6.1CVSS5.8AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2023/09/06 9:15 a.m.29 views

CVE-2023-40554

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

7.1CVSS6.2AI score0.00352EPSS
Exploits0References1
Prion
Prion
added 2023/09/06 9:15 a.m.28 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

5.8CVSS6AI score0.00352EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/06 8:14 a.m.25 views

CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

7.1CVSS6.3AI score0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/06 8:14 a.m.13 views

CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

7.1CVSS5.9AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2023/09/06 8:14 a.m.50 views

CVE-2023-40554

Summary: CVE-2023-40554 affects the WordPress plugin Blog2Social: Social Media Auto Post & Scheduler (Adenion)

7.1CVSS6AI score0.00352EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.6 views

PT-2023-27507 · Unknown · Adenion Blog2Social

Name of the Vulnerable Software and Affected Versions: Adenion Blog2Social: Social Media Auto Post & Scheduler plugin versions = 7.2.0 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...

7.1CVSS6.1AI score0.00352EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/09/06 12:0 a.m.7 views

WordPress plugin Blog2Social: Social Media Auto Post & Scheduler Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Blog2Social: Social Media...

7.1CVSS6.1AI score0.00352EPSS
Exploits0References2
OSV
OSV
added 2023/08/21 5:15 p.m.3 views

CVE-2023-3936

The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS5.8AI score0.0093EPSS
Exploits2References1
NVD
NVD
added 2023/08/21 5:15 p.m.21 views

CVE-2023-3936

The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.0093EPSS
Exploits2References1
Prion
Prion
added 2023/08/21 5:15 p.m.17 views

Cross site scripting

The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

5.8CVSS6AI score0.0093EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/08/21 12:29 p.m.26 views

CVE-2023-3936 Blog2Social < 7.2.1 - Reflected XSS

The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.0093EPSS
Exploits2References1
Rows per page
Query Builder