Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Blog2Social: Social Media Auto Post & Scheduler — Vulnerabilities & Security Advisories 19

All 19 CVE vulnerabilities found in Blog2Social: Social Media Auto Post & Scheduler, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPaused
CVE-2026-4330 Blog2Social: Social Media Auto Post & Scheduler <= 8.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Schedule Modification via 'b2s_id' Parameter CWE-639 4.3 Medium2026-04-08
CVE-2026-4331 Blog2Social: Social Media Auto Post & Scheduler <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX Action CWE-862 4.3 Medium2026-03-26
CVE-2026-1942 Blog2Social: Social Media Auto Post & Scheduler <= 8.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification CWE-862 6.5 Medium2026-02-18
CVE-2025-14943 Blog2Social: Social Media Auto Post & Scheduler <= 8.7.2 - Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure CWE-863 4.3 Medium2026-01-10
CVE-2025-13558 Blog2Social <= 8.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Trashing CWE-862 5.4 Medium2025-11-25
CVE-2025-12560 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via post_url CWE-918 4.3 Medium2025-11-06
CVE-2025-12563 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File Upload CWE-862 4.3 Medium2025-11-06
CVE-2025-5673 Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter CWE-89 6.5 Medium2025-06-17
CVE-2025-4133 Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS 5.4AIMediumAI2025-05-22
CVE-2024-7302 Blog2Social: Social Media Auto Post & Scheduler <= 7.5.4 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload CWE-79 6.4 Medium2024-08-01
CVE-2024-3549 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection CWE-89 9.9 Critical2024-06-11
CVE-2024-3678 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information Exposure CWE-862 5.3 Medium2024-04-26
CVE-2022-3622 Blog2Social <= 6.9.11 - Missing Authorization to Authenticated (Subscriber+) Settings Update CWE-862 4.1 Medium2023-10-20
CVE-2023-40554 WordPress Blog2Social Plugin <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-09-06
CVE-2023-3936 Blog2Social < 7.2.1 - Reflected XSS 6.1 -2023-08-21
CVE-2022-3247 Blog2Social < 6.9.10 - Subscriber+ SSRF CWE-918 8.1 -2022-10-25
CVE-2022-3246 Blog2Social < 6.9.10 - Subscriber+ SQLi CWE-89 8.8 -2022-10-25
CVE-2021-24956 Blog2Social < 6.8.7 - Reflected Cross-Site Scripting CWE-79 6.1 -2021-12-21
CVE-2021-24137 Blog2Social: Social Media Auto Post & Scheduler < 6.3.1 - Authenticated SQL Injection CWE-89 8.8 -2021-03-18

All 19 known CVE vulnerabilities affecting Blog2Social: Social Media Auto Post & Scheduler with full Chinese analysis, references, and POCs where available.