CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

225 matches found

NVD•added 2019/11/13 9:15 p.m.•19 views

CVE-2019-17550

The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting XSS. The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the b2sid parameter. The component is: views/b2s/post.calendar.php. The attack vector is: When the Administrator is logge...

6.1CVSS6.2AI score0.01336EPSS

Exploits0References4

Prion•added 2019/11/13 9:15 p.m.•20 views

Cross site scripting

4.3CVSS6AI score0.01336EPSS

Exploits0References4Affected Software1

Cvelist•added 2019/11/13 8:23 p.m.•22 views

CVE-2019-17550

6.2AI score0.01336EPSS

Exploits0References4

CVE•added 2019/11/13 8:23 p.m.•75 views

CVE-2019-17550

CVE-2019-17550 affects the WordPress Blog2Social plugin prior to version 5.9.0. The vulnerability is a reflected Cross‑Site Scripting (XSS) in the b2s_id parameter handled by views/b2s/post.calendar.php. When an administrator is logged in, clicking a malicious URL can cause arbitrary HTML/JavaScr...

6.1CVSS6.1AI score0.01336EPSS

Exploits0References4Affected Software1

Tenable Nessus•added 2019/09/24 12:0 a.m.•15 views

Blog2Social Plugin for WordPress < 5.6.0 SQL Injection

The WordPress Blog2Social Plugin installed on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input. A remote attacker can exploit this issue to manipulate SQL queries, resulting in the disclosure of sensitive information and modification...

9.8CVSS7.8AI score0.02183EPSS

Exploits0References3

OSV•added 2019/08/01 3:15 p.m.•2 views

CVE-2019-13572

The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection...

9.8CVSS5.8AI score

Exploits0References3

NVD•added 2019/08/01 3:15 p.m.•10 views

CVE-2019-13572

The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection...

9.8CVSS9.8AI score0.02183EPSS

Exploits0References3

Prion•added 2019/08/01 3:15 p.m.•17 views

Sql injection

The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection...

7.5CVSS9.7AI score0.02183EPSS

Exploits0References3Affected Software1

CVE•added 2019/08/01 2:35 p.m.•70 views

CVE-2019-13572

The CVE concerns the WordPress Blog2Social plugin (Adenion) up to version 5.5.0. Root cause: improper sanitization of user-supplied input leads to a SQL injection vulnerability. Impact (per sources): remote attacker could manipulate SQL queries, potentially exposing sensitive data and modifying d...

9.8CVSS9.7AI score0.02183EPSS

Exploits0References3Affected Software1

Cvelist•added 2019/08/01 2:35 p.m.•14 views

CVE-2019-13572

The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection...

9.8AI score0.02183EPSS

Exploits0References3

Positive Technologies•added 2019/08/01 12:0 a.m.•4 views

PT-2019-13432 · WordPress · Blog2Social

Name of the Vulnerable Software and Affected Versions: Blog2Social plugin versions prior to 5.5.1 Description: The issue allows SQL Injection. Recommendations: For Blog2Social plugin versions prior to 5.5.1, update to version 5.5.1 or later to resolve the issue...

9.8CVSS9.6AI score0.02183EPSS

Exploits0References5

Patchstack•added 2019/07/26 12:0 a.m.•11 views

WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Tin Duong in WordPress Blog2Social plugin versions = 5.5.0. Solution Update the Blog2Social: Social Media Auto Post & Scheduler plugin to the latest available version at least 5.6.0...

3.4AI score

Exploits0References1Affected Software1

WPVulnDB•added 2019/07/25 12:0 a.m.•17 views

Blog2Social <= 5.5.0 - SQL Injection

A SQL injection vulnerability exists in the Adenion Blog2Social plugin through 5.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.2AI score0.02183EPSS

Exploits0References2Affected Software1

OpenVAS•added 2019/05/13 12:0 a.m.•43 views

WordPress Blog2Social Plugin < 5.0.3 XSS Vulnerability

The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

6.1CVSS6.3AI score0.01408EPSS

Exploits2References3

Patchstack•added 2019/03/12 12:0 a.m.•24 views

WordPress Blog2Social plugin <= 5.0.2 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability found by Tim Coen in WordPress Blog2Social plugin versions = 5.0.2. Solution Update the WordPress Blog2Social plugin to the latest available version at least 5.0.3...

6.1CVSS2AI score0.01408EPSS

Exploits2References2Affected Software1

CVE0DAY•added 2019/03/07 1:41 p.m.•91 views

WordPress Blog2Social plugin CVE-2019-9576 XSS

Description The Blog2Social WordPress plugin is vulnerable to reflected XSS as it echoes the b2supdatepublishdate parameter without proper encoding. Successful exploitation allows an attacker to execute JavaScript in the context of the application in the name of an attacked user. This in turn...

4.3CVSS0.3AI score0.01408EPSS

Exploits2

OSV•added 2019/03/05 9:29 p.m.•2 views

CVE-2019-9576

The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS...

6.1CVSS6.3AI score

Exploits0References3

NVD•added 2019/03/05 9:29 p.m.•20 views

CVE-2019-9576

The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS...

6.1CVSS6.4AI score0.01408EPSS

Exploits2References3