Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 20 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4330 Blog2Social: Social Media Auto Post & Scheduler <= 8.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Schedule Modification via 'b2s_id' Parameter pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.3 2026-04-08 07:43:03 Deep Dive
CVE-2026-1877 Auto Post Scheduler <= 1.84 - Cross-Site Request Forgery to Stored Cross-Site Scripting via aps_options_page johnh10Auto Post Scheduler Medium 6.1 2026-03-31 05:28:53 Deep Dive
CVE-2026-4331 Blog2Social: Social Media Auto Post & Scheduler <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX Action pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.3 2026-03-26 03:37:28 Deep Dive
CVE-2026-1942 Blog2Social: Social Media Auto Post & Scheduler <= 8.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 6.5 2026-02-18 10:20:49 Deep Dive
CVE-2025-14943 Blog2Social: Social Media Auto Post & Scheduler <= 8.7.2 - Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.3 2026-01-10 06:32:34 Deep Dive
CVE-2025-13558 Blog2Social <= 8.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Trashing pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 5.4 2025-11-25 04:38:00 Deep Dive
CVE-2025-12560 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via post_url pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.3 2025-11-06 05:31:25 Deep Dive
CVE-2025-12563 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File Upload pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.3 2025-11-06 04:36:22 Deep Dive
CVE-2025-5673 Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 6.5 2025-06-17 01:44:11 Deep Dive
CVE-2025-4133 Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS UnknownBlog2Social: Social Media Auto Post & Scheduler--2025-05-22 06:00:09 Deep Dive
CVE-2024-7302 Blog2Social: Social Media Auto Post & Scheduler <= 7.5.4 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 6.4 2024-08-01 06:47:04 Deep Dive
CVE-2024-3549 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Critical 9.9 2024-06-11 06:44:16 Deep Dive
CVE-2024-3678 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information Exposure pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 5.3 2024-04-26 07:28:19 Deep Dive
CVE-2022-3622 Blog2Social <= 6.9.11 - Missing Authorization to Authenticated (Subscriber+) Settings Update pr-gatewayBlog2Social: Social Media Auto Post & Scheduler Medium 4.1 2023-10-20 07:29:40 Deep Dive
CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) Blog2Social, AdenionBlog2Social: Social Media Auto Post & Scheduler High 7.1 2023-09-06 08:14:40 Deep Dive
CVE-2023-3936 Blog2Social < 7.2.1 - Reflected XSS UnknownBlog2Social: Social Media Auto Post & Scheduler 中危 -2023-08-21 12:29:50 Deep Dive
CVE-2022-3247 Blog2Social < 6.9.10 - Subscriber+ SSRF UnknownBlog2Social: Social Media Auto Post & Scheduler 中危 -2022-10-25 00:00:00 Deep Dive
CVE-2022-3246 Blog2Social < 6.9.10 - Subscriber+ SQLi UnknownBlog2Social: Social Media Auto Post & Scheduler 高危 -2022-10-25 00:00:00 Deep Dive
CVE-2021-24956 Blog2Social < 6.8.7 - Reflected Cross-Site Scripting UnknownBlog2Social: Social Media Auto Post & Scheduler 中危 -2021-12-21 08:45:39 Deep Dive
CVE-2021-24137 Blog2Social: Social Media Auto Post & Scheduler < 6.3.1 - Authenticated SQL Injection UnknownBlog2Social: Social Media Auto Post & Scheduler 高危 -2021-03-18 14:57:49 Deep Dive