229 matches found
PT-2024-3150 · WordPress · Blog2Social
Name of the Vulnerable Software and Affected Versions: Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress versions up to, and including, 7.4.2 Description: The issue is related to insufficient protection of sensitive data, allowing unauthenticated attackers to view limited...
The vulnerability of the Blog2Social plugin of the WordPress content management system allows attackers to perform cross-site scripting attacks.
The vulnerability of the Blog2Social plugin of the WordPress content management system exists due to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
WordPress Blog2Social Plugin < 6.9.12 Missing Authorization Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adenion:blog2social"; ifdescription...
CVE-2022-3622
The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...
CVE-2022-3622
The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...
Authorization
The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...
CVE-2022-3622
CVE-2022-3622 concerns the WordPress plugin Blog2Social. The vulnerability is an authorization bypass caused by missing capability checks in affected versions up to 6.9.11, allowing authenticated users with subscriber-level permissions and above to modify admin-only plugin settings. Reports acros...
CVE-2022-3622 Blog2Social <= 6.9.11 - Missing Authorization to Authenticated (Subscriber+) Settings Update
The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change some plugin settings intended to be...
CVE-2023-40554
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...
CVE-2023-40554
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...
CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...
CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...
CVE-2023-40554
Summary: CVE-2023-40554 affects the WordPress plugin Blog2Social: Social Media Auto Post & Scheduler (Adenion)
PT-2023-27507 · Unknown · Adenion Blog2Social
Name of the Vulnerable Software and Affected Versions: Adenion Blog2Social: Social Media Auto Post & Scheduler plugin versions = 7.2.0 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...
WordPress plugin Blog2Social: Social Media Auto Post & Scheduler Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Blog2Social: Social Media...
CVE-2023-3936
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3936
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3936 Blog2Social < 7.2.1 - Reflected XSS
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...