Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/09/05 1:45 p.m.11 views

CVE-2025-58846 WordPress WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule Plugin <= 2020.1.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule buffer-my-post allows Reflected XSS.This issue affects WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and...

7.1CVSS0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 p.m.10 views

CVE-2022-3247

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not have authorisation in an AJAX action, and does not ensure that the URL to make a request to is an external one. As a result, any authenticated users, such as subscriber could perform SSRF attacks...

6.5CVSS6.5AI score0.0066EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/09/06 8:14 a.m.26 views

CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin = 7.2.0 versions...

7.1CVSS6.3AI score0.00352EPSS
Exploits0References1
Patchstack
Patchstack
added 2019/07/26 12:0 a.m.12 views

WordPress Blog2Social plugin <= 5.5.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Tin Duong in WordPress Blog2Social plugin versions = 5.5.0. Solution Update the Blog2Social: Social Media Auto Post & Scheduler plugin to the latest available version at least 5.6.0...

3.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder