WordPress plugin NextScripts: Social Networks Auto-Poster 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin NextScripts: Social Network...

EUVD-2019-19266

Malware in sbrugna...

EUVD-2023-53188

Malicious code in bioql PyPI...

EUVD-2024-27052

Malicious code in bioql PyPI...

CVE-2020-36831

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in versions up to, and including 4.3.17. This makes it possible for low-privileged attackers, like...

CVE-2020-36831 NextScripts: Social Networks Auto-Poster <= 4.3.17 - Missing Authorization

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in versions up to, and including 4.3.17. This makes it possible for low-privileged attackers, like...

WordPress plugin NextScripts: Social Networks Auto-Poster 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. An Access Control Error vulnerability exists in WordPres...

CVE-2024-2088

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxsgetExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

CVE-2024-1762

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTPUSERAGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

CVE-2024-2088

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxsgetExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

CVE-2024-2088 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Authenticated(Subscriber+) Sensitive Information Exposure

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxsgetExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

WordPress plugin NextScripts Social Networks Auto-Poster 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site...

CVE-2023-49183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2...

CVE-2023-49183

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2...

CVE-2023-49183

CVE-2023-49183 is a reflected XSS in NextScripts: Social Networks Auto-Poster for WordPress, affecting versions up to 4.4.2. Root cause: improper input handling for the 'code' parameter leading to unescaped output. Impact stated in sources: Reflected XSS; exploitation could occur via crafted inpu...

WordPress Plugin NextScripts: Social Networks Auto-Poster Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin NextScripts: Social Networks Auto-Poste...

NextScripts: Social Networks Auto-Poster < 4.3.26 - Reflected Cross-Site Scripting

The plugin does not escape a generated URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=nxssnap"...

WordPress NextScripts:Social Networks Auto-Poster插件跨站脚本漏洞

NextScripts:Social Networks Auto-Poster WordPress plugin is vulnerable to a cross-site scripting vulnerability in versions prior to 4.3.24. The vulnerability stems from the fact that log requests are not escaped before being exported to the relevant administrative The vulnerability stems from the...

WordPress NextScripts:Social Networks Auto-Poster plugin cross-site request forgery vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. WordPress NextScripts:Social Networks Auto-Poster plugin is vulnerable to cross-site request forgery in versions prior to 4.3.25. The vulnerability stems from the fact that there is no CSRF check...

CVE-2021-24975

CVE-2021-24975 affects the NextScripts: Social Networks Auto-Poster WordPress plugin prior to version 4.3.24. The issue is an unauthenticated stored XSS caused by not sanitising/escaping logged requests before output in the related admin dashboard. Impact is described as stored XSS with low to me...