PT-2026-31109

Name of the Vulnerable Software and Affected Versions Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress versions up to and including 8.8.3 Description The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is susceptible to authorization bypass. This occurs...

He Got Banned From X. Now He Wants to Help You Escape, Too

When programmer Micah Lee was kicked off X for a post that offended Elon Musk, he didn't look back. His new tool for saving and deleting your X posts can give you that same sweet release...

CVE-2024-9689

The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting posts, which could allow attackers to make logged in admin perform such action via a CSRF attack...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add users, 2 delete posts, or 3 modify PHP files via unspecified vectors, or 4 conduct cross-site...

Facebook Proposes Eliminating User Voting System for Privacy Changes

Facebook today announced plans to eliminate its voting system that gave users a say in how their privacy is handled. In a statement issued Wednesday, Elliot Schrage, Vice President, Communications, Public Policy and Marketing for the Menlo Park, Calif.-based social media company, said the voting...