| CVE-2024-3555 | Social Link Pages: link-in-bio landing pages for your social media profiles <= 1.6.9 - Missing Authorization to Arbitrary Page Creation and Cross-Site Scripting | gelform | Social Link Pages: link-in-bio landing pages for your social media profiles | High | 7.2 | 2024-06-04 05:32:13 | Deep Dive |
| CVE-2024-3678 | Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information Exposure | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 5.3 | 2024-04-26 07:28:19 | Deep Dive |
| CVE-2024-2118 | Social Media Share Buttons < 2.8.9 - Admin+ Stored XSS via settings | Unknown | Social Media Share Buttons & Social Sharing Icons | - | - | 2024-04-17 05:00:03 | Deep Dive |
| CVE-2024-31381 | WordPress Spotlight Social Feeds plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) vulnerability | RebelCode | Spotlight Social Media Feeds | Medium | 4.3 | 2024-04-15 10:20:14 | Deep Dive |
| CVE-2024-31109 | WordPress Woocommerce Social Media Share Buttons plugin <= 1.3.0 - CSRF to Cross Site Scripting (XSS) vulnerability | Toastie Studio | Woocommerce Social Media Share Buttons | High | 7.1 | 2024-04-02 17:31:31 | Deep Dive |
| CVE-2024-2721 | WordPress Social Media Share Buttons plugin <= 2.1.0 - PHP Object Injection vulnerability | Social Media Share Buttons By Sygnoos | Social Media Share Buttons | High | 8.2 | 2024-03-20 11:40:39 | Deep Dive |
| CVE-2024-1685 | Social Media Share Buttons <= 2.1.0 - Authenticated (Subscriber+) PHP Object Injection | sygnoos | Social Media Share Buttons | High | 8.8 | 2024-03-16 05:39:59 | Deep Dive |
| CVE-2023-52225 | WordPress Taggbox Plugin <= 3.1 is vulnerable to PHP Object Injection | Tagbox | Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | Critical | 10.0 | 2024-01-08 17:13:22 | Deep Dive |
| CVE-2023-33214 | WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Tagbox | Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | Medium | 5.4 | 2023-12-18 15:48:15 | Deep Dive |
| CVE-2023-41127 | WordPress Evergreen Content Poster Plugin <= 1.3.6.1 is vulnerable to Cross Site Scripting (XSS) | Evergreen Content Poster | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | Medium | 5.9 | 2023-11-30 12:19:02 | Deep Dive |
| CVE-2023-5845 | Simple Social Buttons < 5.1.1 - Unauthenticated Password Protected Post Access | Unknown | Simple Social Media Share Buttons | 中危 | - | 2023-11-27 16:22:02 | Deep Dive |
| CVE-2023-29428 | WordPress Superb Social Media Share Buttons and Follow Buttons Plugin <= 1.1.3 is vulnerable to Broken Access Control | SuPlugins | Superb Social Media Share Buttons and Follow Buttons for WordPress | 中危 | - | 2023-11-10 13:51:02 | Deep Dive |
| CVE-2023-47227 | WordPress Social Feed | All social media in one place Plugin <= 1.5.4.6 is vulnerable to Cross Site Scripting (XSS) | Web-Settler | Social Feed | All social media in one place | 中危 | - | 2023-11-08 18:42:08 | Deep Dive |
| CVE-2023-5661 | Social Feed <= 1.5.4.6 - Authenticated (Author+) Stored Cross-Site Scripting via Shortcode | umarbajwa | Social Feed | All social media in one place | Medium | 6.4 | 2023-11-07 11:31:08 | Deep Dive |
| CVE-2022-3622 | Blog2Social <= 6.9.11 - Missing Authorization to Authenticated (Subscriber+) Settings Update | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.1 | 2023-10-20 07:29:40 | Deep Dive |
| CVE-2023-5070 | Social Media Share Buttons & Social Sharing Icons <= 2.8.5 - Information Exposure | inisev | Social Media Share Buttons & Social Sharing Icons | Medium | 6.5 | 2023-10-20 07:29:38 | Deep Dive |
| CVE-2023-5602 | Social Media Share Buttons & Social Sharing Icons <= 2.8.5 - Cross-Site Request Forgery | inisev | Social Media Share Buttons & Social Sharing Icons | Medium | 4.3 | 2023-10-20 07:29:34 | Deep Dive |
| CVE-2023-45003 | WordPress Social Feed Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS) | Arrow Plugins | Social Feed | Custom Feed for Social Media Networks | High | 7.1 | 2023-10-17 10:59:23 | Deep Dive |
| CVE-2023-41238 | WordPress Social Media & Share Icons Plugin <= 2.8.3 is vulnerable to Cross Site Scripting (XSS) | UltimatelySocial | Social Media Share Buttons & Social Sharing Icons | High | 7.1 | 2023-09-27 11:58:55 | Deep Dive |
| CVE-2023-40554 | WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) | Blog2Social, Adenion | Blog2Social: Social Media Auto Post & Scheduler | High | 7.1 | 2023-09-06 08:14:40 | Deep Dive |