Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-37275 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | N/A | 7.1 HIGH |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NextScripts allows Reflected XSS.This issue affects NextScripts: from n/a through 4.4.6. | |||||
CVE-2023-49183 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | N/A | 7.1 HIGH |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2. | |||||
CVE-2021-38356 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The NextScripts: Social Networks Auto-Poster <= 4.3.20 WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $_REQUEST['page'] parameter which is echoed out on inc/nxs_class_snap.php by supplying the appropriate value 'nxssnap-post' to load the page in $_GET['page'] along with malicious JavaScript in $_POST['page']. | |||||
CVE-2021-25072 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack | |||||
CVE-2021-24975 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting issue | |||||
CVE-2019-9911 | 1 Nextscripts | 1 Social Networks Auto Poster | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS. |