CVE-2021-25065
CVE-2021-25065 affects the Smash Balloon Social Post Feed WordPress plugin prior to version 4.1.1. The vulnerability is an authenticated reflected XSS in the custom-facebook-feed feature on the cff-top admin page. Connected sources specify the issue as a reflected XSS with impact potentially enab...