3 matches found
CVE-2024-1763
CVE-2024-1763 affects the WordPress plugin WP Social Login and Register Social Counter; all versions up to 3.0.0 are vulnerable due to a missing capability check on the /wp_social/v1/ REST endpoint, enabling unauthenticated modification of provider settings (enable/disable). Multiple connected so...
CVE-2025-1506
CVE-2025-1506 documents confirm a Cross-Site Forgery (CSRF) vulnerability in the WordPress plugin “Wp Social Login and Register Social Counter” up to version 3.1.0. The root cause is missing or incorrect nonce validation on the counter_access_key_setup() function, enabling unauthenticated attacke...
CVE-2022-47160
The CVE-2022-47160 entry describes an exposure of sensitive information to an unauthorized actor affecting the WordPress plugin Wp Social Login and Register Social Counter (WP Social). Affected component: the WP Social plugin; vulnerable version range: up to 1.9.0 (from n/a through 1.9.0). Root c...