Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/24 6:13 a.m.18 views

CVE-2025-4133

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks...

5.4CVSS6.3AI score0.00254EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/22 8:15 p.m.8 views

WordPress Blog2Social: Social Media Auto Post & Scheduler plugin < 8.4.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Blog2Social versions 8.4.0...

5.4CVSS7.9AI score0.00254EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2025/05/22 6:42 a.m.16 views

CVE-2025-4133

creationtimestamp| type| source ---|---|--- 2025-05-22 06:42:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17257 2025-05-22 09:15:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpqrppb4jt2m...

5.4CVSS8.7AI score0.00254EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/22 6:0 a.m.22 views

CVE-2025-4133 Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks...

0.00254EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:0 a.m.8 views

CVE-2025-4133 Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks...

5.3AI score0.00254EPSS
Exploits1References1
Rows per page
Query Builder