WordPress Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin <= 2.5.4 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by gidget smith in WordPress Plugin Custom Twitter Feeds Tweets Widget versions = 2.5.4...

CVE-2023-52136

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2...

CVE-2024-49685

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds Tweets Widget allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds Tweets Widget: from n/a through 2.2.3...

CVE-2024-49685 WordPress Custom Twitter Feeds plugin <= 2.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Custom Twitter Feeds Tweets Widget custom-twitter-feeds allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds Tweets Widget: from n/a through = 2.2.3...

WordPress Custom Twitter Feeds plugin <= 2.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Custom Twitter Feeds Tweets Widget versions = 2.2.3...

WordPress Custom Twitter Feeds plugin < 2.2.3 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Custom Twitter Feeds Tweets Widget versions 2.2.3...

CVE-2023-52136

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2...

CVE-2023-52136

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2...

CVE-2023-52136

CVE-2023-52136 is a Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (also named Custom Twitter Feeds – A Tweets Widget or X Feed Widget). Affected: Custom Twitter Feeds plugin for WordPress, up to version 2.1.2. The related Wordfence entry confirms CSRF expos...

WordPress Custom Twitter Feeds (Tweets Widget) Plugin < 2.0 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:smashballoon:customtwitterfeeds"; if description...

CVE-2022-33974

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds Tweets Widget plugin = 1.8.4 versions...

CVE-2022-33974

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds Tweets Widget plugin = 1.8.4 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Smash Balloon Custom Twitter Feeds Tweets Widget plugin = 1.8.4 versions...

WordPress Plugin Custom Twitter Feeds 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress Plugin Latest Tweets Widget Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress plugin Latest Tweets Widget 1.1.4 and prior versions, which stems from a CSRF check...

CVE-2022-1624

The Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1624

Summary: CVE-2022-1624 affects the WordPress plugin Latest Tweets Widget (versions ≤ 1.1.4). The flaw is a missing CSRF check when updating settings, which could let a logged-in admin be manipulated via CSRF. Sources across NVD, Red Hat, CNVD, CVE List, WPVulnDB, CNNVD and PatchStack corroborate ...

WordPress plugin Latest Tweets Widget 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress plugin Latest Tweets Widget 1.1.4 and prior versions, which stems from a CSRF check...