3 matches found
CVE-2026-7051
The CVE-2026-7051 entry concerns the Blog2Social WordPress plugin (versions up to 8.9.0) with a Missing Authorization issue. The root cause is missing blog_user_id constraints in B2S_Post_Tools::deleteUserPublishPost() and deleteUserSchedPost(), allowing an authenticated subscriber+ to delete oth...
WordPress Blog2Social: Social Media Auto Post & Scheduler plugin <= 8.9.0 - Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records vulnerability
Missing Authorization to Authenticated Subscriber+ Delete Arbitrary B2S Post Records vulnerability discovered by awhacken in WordPress Plugin Blog2Social versions = 8.9.0...
Injection in Confluence Data Center
This High severity Injection vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...