Social Networks Auto Poster Security Vulnerabilities and Issues — Social Networks Auto Poster CVE List

NextscriptsSocial Networks Auto Poster

10 matches found

CVE•added 2024/05/22 6:50 a.m.•96 views

CVE-2024-2088

CVE-2024-2088 affects NextScripts: Social Networks Auto-Poster for WordPress (all versions up to and including 4.4.3). The vulnerability is a Sensitive Information Exposure via the nxs_getExpSettings function that allows authenticated users with subscriber access and higher to disclose social net...

8.5CVSS8.2AI score0.00345EPSS

CVE•added 2024/05/22 6:50 a.m.•68 views

CVE-2024-1446

CVE-2024-1446 affects NextScripts: Social Networks Auto-Poster for WordPress. The vulnerability is a Cross-Site Request Forgery on the nxssnap-reposter page that allowed unauthenticated attackers to delete posts/pages via forged admin actions. It affects all versions up to and including 4.4.3. Co...

5.4CVSS5.6AI score0.00181EPSS

CVE•added 2024/05/22 6:50 a.m.•65 views

CVE-2024-1762

CVE-2024-1762 affects NextScripts: Social Networks Auto-Poster for WordPress. The vulnerability is Stored XSS in HTTP_USER_AGENT present in all versions up to 4.4.3 due to insufficient sanitization/escaping. Exploitation requires the victim to view the page with the cron events list (“All Cron Ev...

6.1CVSS6.1AI score0.00389EPSS

CVE•added 2019/03/21 11:1 p.m.•59 views

CVE-2019-9911

CVE-2019-9911 concerns the WordPress plugin NextScripts: Social Networks Auto-Poster (Facebook-Twitter-G), specifically versions prior to 4.2.8. The vulnerability is an XSS in the admin endpoint wp-admin/admin.php?page=nxssnap-reposter&action=edit, which can be triggered in the affected context. ...

6.1CVSS6.3AI score0.01253EPSS

Web

CVE•added 2024/07/22 8:43 a.m.•58 views

CVE-2024-37275

CVE-2024-37275 is a WordPress NextScripts plugin

7.1CVSS5.9AI score0.00293EPSS

CVE•added 2021/11/01 9:1 p.m.•52 views

CVE-2021-38356

The CVE affects the WordPress plugin NextScripts: Social Networks Auto-Poster (versions

6.1CVSS6AI score0.00845EPSS

Web

CVE•added 2022/02/01 12:21 p.m.•50 views

CVE-2021-24975

CVE-2021-24975 affects the NextScripts: Social Networks Auto-Poster WordPress plugin prior to version 4.3.24. The issue is an unauthenticated stored XSS caused by not sanitising/escaping logged requests before output in the related admin dashboard. Impact is described as stored XSS with low to me...

6.1CVSS5.9AI score0.01334EPSS

Web

CVE•added 2022/02/01 12:21 p.m.•48 views

CVE-2021-25072

CVE-2021-25072 affects the WordPress plugin NextScripts: Social Networks Auto-Poster (versions before 4.3.25). The issue is a missing CSRF check when deleting items, allowing an attacker to induce a logged-in admin to delete arbitrary posts via a CSRF attack. Public references describe the vulner...

6.5CVSS6.3AI score0.00531EPSS

Web

CVE•added 2023/12/15 2:54 p.m.•48 views

CVE-2023-49183

CVE-2023-49183 is a reflected XSS in NextScripts: Social Networks Auto-Poster for WordPress, affecting versions up to 4.4.2. Root cause: improper input handling for the 'code' parameter leading to unescaped output. Impact stated in sources: Reflected XSS; exploitation could occur via crafted inpu...

7.1CVSS7.1AI score0.00407EPSS

CVE•added 2024/10/16 6:43 a.m.•46 views

CVE-2020-36831

The CVE-2020-36831 issue affects the WordPress plugin NextScripts: Social Networks Auto-Poster (versions up to and including 4.3.17). The root cause is missing capability checks across multiple user privilege/security functions, causing an authorization bypass that could let low-privileged users ...

6.5CVSS5AI score0.00488EPSS