Social Auto Poster Security Vulnerabilities and Issues — Social Auto Poster CVE List

Lucene search

WpwebinfotechSocial Auto Poster

8 matches found

CVE•added 2024/07/24 3:15 a.m.•41 views

CVE-2024-6755

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpw_auto_poster_quick_delete_multiple’ function in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to del...

6.5CVSS6.4AI score0.00325EPSS

CVE•added 2024/10/20 11:15 a.m.•40 views

CVE-2024-49272

Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15.

8.8CVSS6.4AI score0.00042EPSS

CVE•added 2024/07/24 3:15 a.m.•39 views

CVE-2024-6756

The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpw_auto_poster_get_image_path' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Contributor-level and above...

8.8CVSS6.4AI score0.02483EPSS

CVE•added 2024/07/24 3:15 a.m.•36 views

CVE-2024-6754

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Subscriber-leve...

5.4CVSS6.8AI score0.00085EPSS

CVE•added 2024/07/24 3:15 a.m.•35 views

CVE-2024-6753

The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. This makes it...

7.2CVSS6.3AI score0.00846EPSS

CVE•added 2024/07/24 3:15 a.m.•34 views

CVE-2024-6750

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete post ...

7.5CVSS7AI score0.00404EPSS

CVE•added 2024/07/24 3:15 a.m.•34 views

CVE-2024-6751

The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete post meta and ...

6.5CVSS6.2AI score0.00032EPSS

CVE•added 2024/07/24 3:15 a.m.•33 views

CVE-2024-6752

The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_name’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. This makes it ...

6.4CVSS5.8AI score0.00064EPSS