2 matches found
CVE-2024-3549 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the 'b2sSortPostType' parameter in all versions up to, and including, 7.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...
WordPress Blog2Social Plugin <= 7.4.1 is vulnerable to SQL Injection
Software Blog2Social Type Plugin Vulnerable versions = 7.4.1 Fixed in 7.4.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3549 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 340183160613 Credits 1337Wannabe Required privilege Subscriber Published ...