Social Auto Poster <= 5.3.14 - Stored Cross-Site Scripting

Social Auto Poster plugin for WordPress versions up to 5.3.14 contains a stored cross-site scripting caused by insufficient sanitization and escaping of 'mapTypes' parameter in the 'wpwautopostermapwordpressposttype' AJAX function, letting unauthenticated attackers inject and execute arbitrary...

EUVD-2024-43338

Malicious code in bioql PyPI...

EUVD-2024-42405

Malicious code in bioql PyPI...

EUVD-2023-30329

Malicious code in bioql PyPI...

EUVD-2024-47787

Malicious code in bioql PyPI...

EUVD-2024-47788

Malicious code in bioql PyPI...

EUVD-2024-47789

Malicious code in bioql PyPI...

CVE-2024-49272

Cross-Site Request Forgery CSRF vulnerability in wpweb Social Auto Poster social-auto-poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through = 5.3.15...

CVE-2024-6755

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpwautoposterquickdeletemultiple’ function in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to delete...

CVE-2024-6754

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the ‘wpwautoposterupdatetweettemplate’ function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2023-26532

Cross-Site Request Forgery CSRF vulnerability in AccessPress Themes Social Auto Poster plugin = 2.1.4 versions...

CVE-2024-47369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweb Social Auto Poster social-auto-poster allows Reflected XSS.This issue affects Social Auto Poster: from n/a through = 5.3.15...

CVE-2024-6753

The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpwautopostermapwordpressposttype' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-6750

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete pos...

CVE-2024-6756

The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpwautopostergetimagepath' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Contributor-level and above...

CVE-2024-49272

Cross-Site Request Forgery CSRF vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15...

CVE-2024-49272

Cross-Site Request Forgery CSRF vulnerability in wpweb Social Auto Poster social-auto-poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through = 5.3.15...

CVE-2024-49272 WordPress Social Auto Poster plugin <= 5.3.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15...

CVE-2024-49272 WordPress Social Auto Poster plugin <= 5.3.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in wpweb Social Auto Poster social-auto-poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through = 5.3.15...

CVE-2024-49272

CVE-2024-49272 : A CSRF vulnerability exists in the WordPress plugin Social Auto Poster (WPWeb Social Auto Poster) that allows unauthorized actions to be performed on behalf of a user. Affected versions are listed as n/a through 5.3.15. The issue has a patch available: update to version 5.3.16 or...