WordPress NextScripts: Social Networks Auto-Poster plugin <= 4.3.17 - Insufficient Privilege Validation vulnerability

Insufficient Privilege Validation vulnerability found by John Castro Sucuri in WordPress NextScripts: Social Networks Auto-Poster plugin versions = 4.3.17. Solution Update the WordPress NextScripts: Social Networks Auto-Poster plugin to the latest available version at least 4.3.18...

NextScripts: Social Networks Auto-Poster < 4.3.18 - Insufficient Privilege Validation

The plugin is giving access to several functionalities without proper authorisation checks, allowing low privileged attackers the possibility to Remove Posts by corrupting the post type and other data, Post Arbitrary Information in the site social networks as well as Change the plugin settings...

WordPress NextScripts plugin <= 4.2.7 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by Tim Coen in WordPress NextScripts plugin versions = 4.2.7. Solution Update the WordPress NextScripts plugin to the latest available version at least 4.2.8...

WordPress Social Networks Auto-Poster 4.2.7 Cross Site Scripting

Vulnerability: XSS Affected Software: NextScripts: Social Networks Auto-Poster Affected Version: 4.2.7 Patched Version: 4.2.8 CVE: not requested Risk: Medium Vendor Contacted: 10/25/2018 Vendor Fix: 11/02/2018 Public Disclosure: 02/05/2019 Credit: Tim Coen CVSS 6.1 Medium...

NextScripts: Social Networks Auto-Poster < 4.2.8 - Authenticated Reflected Cross-Site Scripting (XSS)

The NextScripts: Social Networks Auto-Poster WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...

WordPress NextScripts: Social Networks Auto-Poster HTML Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers.NextScripts: Social Networks Auto-Poster is one of the plug-ins that automatically forwards blog posts to Facebook and oth...

NextScripts: Social Networks Auto-Poster < 3.4.18 - CSRF to Stored XSS

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to a Persistent XSS attack on the settings screen, due to a lack of sanitation of user input, and lack of Cross-Site Request Forgery token nonce. If a page with the following FORM in is visited by an administrative...

NextScripts: Social Networks Auto-Poster < 3.4.18 - CSRF to Stored XSS

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to a Persistent XSS attack on the settings screen, due to a lack of sanitation of user input, and lack of Cross-Site Request Forgery token nonce. PoC If a page with the following FORM in is visited by an administrativ...