CVE-2025-23654

Cross-Site Request Forgery CSRF vulnerability in krolow Twitter Post twitterpost allows Stored XSS.This issue affects Twitter Post: from n/a through = 0.1...

EUVD-2022-7679

Malicious code in bioql PyPI...

EUVD-2025-3318

Malicious code in bioql PyPI...

CVE-2018-25058

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

CVE-2025-23654

Cross-Site Request Forgery CSRF vulnerability in krolow Twitter Post twitterpost allows Stored XSS.This issue affects Twitter Post: from n/a through = 0.1...

CVE-2025-23654

Cross-Site Request Forgery CSRF vulnerability in krolow Twitter Post twitterpost allows Stored XSS.This issue affects Twitter Post: from n/a through = 0.1...

CVE-2025-23654

CVE-2025-23654 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Twitter Post WordPress plugin by Vinícius Krolow that enables Stored XSS. The description indicates the issue affects Twitter Post versions from n/a through 0.1. The Red Hat entry corroborates the CSRF-to-Stored XSS...

CVE-2025-23654 WordPress Twitter Post plugin <= 0.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in krolow Twitter Post twitterpost allows Stored XSS.This issue affects Twitter Post: from n/a through = 0.1...

PT-2025-5000 · Unknown · Vinícius Krolow Twitter Post

Name of the Vulnerable Software and Affected Versions: Vinícius Krolow Twitter Post versions n/a through 0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF problem that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

WordPress plugin Twitter Post 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener Access

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

GHSA-M688-CX2P-RGQ9 Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener Access

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

CVE-2018-25058

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

CVE-2018-25058

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

Design/Logic Flaw

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

CVE-2018-25058

The CVE-2018-25058 issue affects Twitter-Post-Fetcher up to version 17.x, specifically the js/twitterFetcher.js component of the Link Target Handler. The vulnerability enables a web link to an untrusted target via window.opener access and can be triggered remotely. A fix is available in version 1...

CVE-2018-25058 Twitter-Post-Fetcher Link Target twitterFetcher.js reverse tabnabbing

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

Twitter-Post-Fetcher 安全漏洞

Twitter-Post-Fetcher is a library by Jason Mayes personal developer. Used to fetch your twitter posts without using the new twitter 1.1 API. A security vulnerability exists in Twitter-Post-Fetcher versions before 17.x. An attacker exploited the vulnerability to cause victims to use web links from...

PT-2022-8068 · Unknown · Twitter-Post-Fetcher

Name of the Vulnerable Software and Affected Versions: Twitter-Post-Fetcher versions up to 17.x Description: A vulnerability has been found in Twitter-Post-Fetcher, affecting an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to the use o...