202 matches found
WordPress Easy Social Feed – Social Photos Gallery and Post Feed for WordPress plugin <= 6.6.5 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Easy Social Feed versions = 6.6.5...
WordPress Inavii Social Feed plugin <= 2.7.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Inavii for Elementor Social Feed versions = 2.7.0...
WordPress Easy Social Feed plugin <= 6.5.2 - Missing Authorization to Settings Modification vulnerability
Missing Authorization to Settings Modification vulnerability discovered by Lucio Sá in WordPress Plugin Easy Social Feed versions = 6.5.2...
CVE-2024-39640
Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9...
GHSA-234R-XRRG-M8F3
creationtimestamp| type| source ---|---|--- 2026-01-05 21:08:57+00:00| seen| Telegram/k0c9q7JOFJlmLU7FVkBurPf0ZMaMF70LArv-NA9Dq5JQpCQ 2026-01-06 03:55:17+00:00| seen| https://bsky.app/profile/cyber-news-fi.bsky.social/post/3mbq2mferli2p...
WordPress BlossomThemes Social Feed plugin <= 2.0.5 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin BlossomThemes Social Feed versions = 2.0.5...
WordPress plugin Flow-Flow Social Feed Stream 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...
CVE-2025-13896
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2025-201534
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-13896
CVE-2025-13896 : WordPress plugin Social Feed Gallery Portfolio (versions
WordPress plugin Social Feed Gallery Portfolio 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-10637
The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...
WordPress plugin Social Feed Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-10637
The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...
CVE-2025-10637 Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure
The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...
CVE-2025-10637 Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure
The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...
CVE-2025-10637
CVE-2025-10637 concerns the Social Feed Gallery (insta-gallery) WordPress plugin. Multiple connected sources confirm a vulnerability in versions
WordPress Social Feed Gallery plugin <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure vulnerability
Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by 3r1c e in WordPress Plugin WP Social Feed Gallery versions = 4.9.2...
PT-2025-43718
Name of the Vulnerable Software and Affected Versions Social Feed Gallery plugin for WordPress versions prior to 4.9.3 Description The Social Feed Gallery plugin for WordPress is susceptible to Information Exposure due to inadequate user authorization verification. This allows unauthenticated...
EUVD-2020-16710
Malware in sbrugna...