| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-26758 | WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability | RebelCode | Spotlight Social Media Feeds | Medium | 5.3 | 2025-02-17 11:38:14 | Deep Dive |
| CVE-2024-12071 | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | evergreencontentposter | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | Medium | 5.3 | 2025-01-18 03:21:13 | Deep Dive |
| CVE-2025-22749 | WordPress Social Media Engine plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability | ThemesCraft.co | Social Media Engine | Medium | 6.5 | 2025-01-15 15:23:30 | Deep Dive |
| CVE-2025-22319 | WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability | DearHive | Social Media Share Buttons | MashShare | Medium | 4.3 | 2025-01-07 16:55:11 | Deep Dive |
| CVE-2024-55982 | WordPress Share Buttons – Social Media plugin <= 1.0.2 - SQL Injection vulnerability | richteam | Share Buttons – Social Media | Critical | 9.3 | 2024-12-16 14:31:18 | Deep Dive |
| CVE-2024-54423 | WordPress Social Media Sharing plugin <= 1.1 - CSRF to Stored XSS vulnerability | Jesse Overright | Social Media Sharing | High | 7.1 | 2024-12-16 14:13:51 | Deep Dive |
| CVE-2023-34009 | WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.1 - Broken Access Control + CSRF | Inisev | Social Media & Share Icons | Medium | 4.3 | 2024-12-13 14:23:35 | Deep Dive |
| CVE-2024-11871 | Social Media Shortcodes <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | tw2113 | Social Media Shortcodes | Medium | 6.4 | 2024-12-12 05:24:23 | Deep Dive |
| CVE-2023-49861 | WordPress Social Media Feather plugin <= 2.1.3 - Broken Access Control vulnerability | socialmediafeather | Social Media Feather | 中危 | - | 2024-12-09 11:30:10 | Deep Dive |
| CVE-2024-51845 | WordPress Share Buttons – Social Media plugin <= 1.0.2 - SQL Injection vulnerability | richteam | Share Buttons – Social Media | High | 8.5 | 2024-11-11 06:01:29 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9057 | Curator.io: Show all your social media posts in a beautiful feed. <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via feed_id Attribute | curatorio | Curator.io | Medium | 6.4 | 2024-10-10 02:06:10 | Deep Dive |
| CVE-2024-8352 | Social Web Suite – Social Media Auto Post, Social Media Auto Publish <= 4.1.11 - Directory Traversal to Arbitrary File Download | dejanmarkovic | Social Web Suite – Social Media Auto Post, Social Media Auto Publish | High | 7.5 | 2024-10-03 03:32:01 | Deep Dive |
| CVE-2024-7302 | Blog2Social: Social Media Auto Post & Scheduler <= 7.5.4 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 6.4 | 2024-08-01 06:47:04 | Deep Dive |
| CVE-2024-37545 | WordPress Floating Social Media Links plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability | Nick Halsey | Floating Social Media Links | Medium | 5.9 | 2024-07-21 07:02:28 | Deep Dive |
| CVE-2024-37552 | WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.9.1 - Cross Site Scripting (XSS) vulnerability | Inisev | Social Media & Share Icons | Medium | 5.9 | 2024-07-21 06:54:35 | Deep Dive |
| CVE-2024-0974 | Social Media Widget < 4.0.9 - Admin+ Stored XSS | Unknown | Social Media Widget | 中危 | - | 2024-07-12 06:00:04 | Deep Dive |
| CVE-2024-3984 | EmbedSocial – Social Media Feeds, Reviews and Galleries <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting | embedsocial | EmbedSocial – Social Media Feeds, Reviews and Galleries | Medium | 6.4 | 2024-06-19 03:12:31 | Deep Dive |
| CVE-2023-40672 | WordPress Sticky Social Media Icons plugin <= 2.1 - Broken Access Control vulnerability | Hardik Chavada | Sticky Social Media Icons | Medium | 5.4 | 2024-06-12 09:36:29 | Deep Dive |
| CVE-2024-3549 | Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Critical | 9.9 | 2024-06-11 06:44:16 | Deep Dive |