3 matches found
WordPress Blog2Social plugin <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter vulnerability
Authenticated Subscriber+ SQL Injection via prgSortPostType Parameter vulnerability discovered by mikemyers in WordPress Plugin Blog2Social versions = 8.4.4...
CVE-2025-5673 Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...
CVE-2025-5673 Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...