Social Networks Auto Poster@* Security Vulnerabilities and Issues — Social Networks Auto Poster@* CVE List

Lucene search

NextscriptsSocial Networks Auto Poster*

10 matches found

CVE•added 2024/05/22 7:15 a.m.•83 views

CVE-2024-2088

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract sensi...

8.5CVSS8.2AI score0.00692EPSS

CVE•added 2024/05/22 7:15 a.m.•52 views

CVE-2024-1446

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to delet...

5.4CVSS5.6AI score0.00125EPSS

CVE•added 2019/03/22 12:29 a.m.•49 views

CVE-2019-9911

The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS.

6.1CVSS6.3AI score0.00243EPSS

CVE•added 2024/05/22 7:15 a.m.•45 views

CVE-2024-1762

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS6.1AI score0.01093EPSS

CVE•added 2024/07/22 9:15 a.m.•43 views

CVE-2024-37275

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NextScripts allows Reflected XSS.This issue affects NextScripts: from n/a through 4.4.6.

7.1CVSS7AI score0.00098EPSS

CVE•added 2022/02/01 1:15 p.m.•36 views

CVE-2021-24975

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting issue

6.1CVSS5.9AI score0.03687EPSS

CVE•added 2022/02/01 1:15 p.m.•36 views

CVE-2021-25072

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack

6.5CVSS6.3AI score0.00097EPSS

CVE•added 2021/11/01 9:15 p.m.•35 views

CVE-2021-38356

The NextScripts: Social Networks Auto-Poster

6.1CVSS6AI score0.0021EPSS

CVE•added 2024/10/16 7:15 a.m.•34 views

CVE-2020-36831

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in versions up to, and including 4.3.17. This makes it possible for low-privileged attackers, like subscrib...

6.5CVSS5AI score0.00095EPSS

CVE•added 2023/12/15 3:15 p.m.•29 views

CVE-2023-49183

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2.

7.1CVSS6.6AI score0.00193EPSS