Lucene search
+L

3139 matches found

redhatcve
redhatcve
added 2026/01/09 8:48 a.m.4 views

CVE-2025-23654

Cross-Site Request Forgery CSRF vulnerability in krolow Twitter Post twitterpost allows Stored XSS.This issue affects Twitter Post: from n/a through = 0.1...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:48 a.m.9 views

CVE-2025-23762

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Sternberg DsgnWrks Twitter Importer dsgnwrks-twitter-importer allows Reflected XSS.This issue affects DsgnWrks Twitter Importer: from n/a through = 1.1.4...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:47 a.m.6 views

CVE-2025-23691

Cross-Site Request Forgery CSRF vulnerability in Braulio Aquino Send to Twitter send-to-twitter allows Stored XSS.This issue affects Send to Twitter: from n/a through = 1.7.2...

7.1CVSS7.2AI score0.00169EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23710

Cross-Site Request Forgery CSRF vulnerability in Mayur Sojitra Flying Twitter Birds flying-twitter-birds allows Stored XSS.This issue affects Flying Twitter Birds: from n/a through = 1.8...

7.1CVSS7.2AI score0.00169EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:46 a.m.6 views

CVE-2025-23464

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keir Whitaker Twitter News Feed twitter-news-feed allows Reflected XSS.This issue affects Twitter News Feed: from n/a through = 1.1.1...

7.1CVSS5.9AI score0.00278EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/07 9:31 a.m.7 views

CVE-2019-16263

The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com SSL certificate. Although the certificate chain must contain one of a set of pinned certificates, there are certain implementation errors such as a lack of hostname verification. NOTE: this is an...

7.4CVSS6.6AI score0.01025EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/07 9:14 a.m.10 views

CVE-2024-2492

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.0036EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/01 8:27 p.m.8 views

CVE-2025-23719

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zckevin ZhinaTwitterWidget zhina-twitter-widget allows Reflected XSS.This issue affects ZhinaTwitterWidget: from n/a through = 1.0...

7.1CVSS7.2AI score0.00149EPSS
Exploits0References1
patchstack
patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Stored XSS via Shortcode vulnerability

Stored XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin Twitter Bootstrap Collapse aka Accordian Shortcode versions = 1.0...

5.4CVSS5.9AI score0.00258EPSS
Exploits1References1Affected Software1
euvd
euvd
added 2025/11/24 4:31 p.m.4 views

EUVD-2025-198929

Malicious code in @posthog/twitter-followers-plugin npm...

6.6AI score
Exploits0
ossf
ossf
added 2025/11/24 4:31 p.m.6 views

Malicious code in @posthog/twitter-followers-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72f5de01d0a45127f79e5f6db0ebea050e55f26d8ebbb38b72a4e422e6d3ecc6 The package @posthog/twitter-followers-plugin was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
osv
osv
added 2025/11/24 4:31 p.m.4 views

MAL-2025-190896 Malicious code in @posthog/twitter-followers-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72f5de01d0a45127f79e5f6db0ebea050e55f26d8ebbb38b72a4e422e6d3ecc6 The package @posthog/twitter-followers-plugin was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
redhatcve
redhatcve
added 2025/11/19 10:23 a.m.3 views

CVE-2025-12079

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.1AI score0.00217EPSS
Exploits0References1
euvd
euvd
added 2025/11/18 12:30 p.m.4 views

EUVD-2025-197966

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.2AI score0.00217EPSS
Exploits0References3
nvd
nvd
added 2025/11/18 10:15 a.m.7 views

CVE-2025-12079

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00217EPSS
Exploits0References3
cvelist
cvelist
added 2025/11/18 9:27 a.m.9 views

CVE-2025-12079 WP Twitter Auto Publish <= 1.7.4 - Reflected Cross-Site Scripting via PostMessage

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00217EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/11/18 9:27 a.m.3 views

CVE-2025-12079 WP Twitter Auto Publish <= 1.7.4 - Reflected Cross-Site Scripting via PostMessage

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6AI score0.00217EPSS
Exploits0References3
cve
cve
added 2025/11/18 9:27 a.m.20 views

CVE-2025-12079

CVE-2025-12079 (WP Twitter Auto Publish) is a reflected Cross-Site Scripting via PostMessage vulnerability in WordPress WP Twitter Auto Publish plugin. Affected versions are all up to and including 1.7.3, with exploitation possible by unauthenticated attackers who trick a user into performing an ...

6.1CVSS6.1AI score0.00217EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/11/18 12:0 a.m.4 views

WordPress plugin WP Twitter Auto Publish 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site...

6.1CVSS6AI score0.00217EPSS
Exploits0References3
patchstack
patchstack
added 2025/11/17 11:37 p.m.5 views

WordPress WP Twitter Auto Publish plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nicolai Hellesnes nico in WordPress Plugin WP Twitter Auto Publish versions = 1.7.4...

6.1CVSS5.4AI score0.00217EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder